Title :
Measuring ASLR implementations on modern operating systems
Author :
Herrera Aristizabal, David ; Mora Rodriguez, David ; Yepes Guevara, Ricardo
Author_Institution :
Univ. de Antioquia, Medellin, Colombia
Abstract :
Address Space Layout Randomization (ASLR) is a security technique that uses randomness to conceal regions of virtual memory address space of processes, to increase the effort required to develop reliable exploits. It was introduced in the first decade of the third millennium as a mechanism to stop a dangerous attack vector, known as memory corruption. This paper presents a methodology used to evaluate the effectiveness of this technique, as well as the results of the evaluation of two commonly used operating systems: Microsoft´s Windows 7 and Canonical´s Ubuntu Linux 10.10, both in the 32-bits and 64-bits versions.
Keywords :
operating systems (computers); security of data; ASLR implementation; Canonical Ubuntu Linux 10.10; Microsoft Windows 7; address space layout randomization; memory corruption; operating systems; security technique; virtual memory address space; Entropy; Kernel; Libraries; Linux; NIST; Security; ASLR; Linux protections; Memory corruption; Windows protections;
Conference_Titel :
Security Technology (ICCST), 2013 47th International Carnahan Conference on
Conference_Location :
Medellin
DOI :
10.1109/CCST.2013.6922073
