Title :
Defending ROP Attacks Using Basic Block Level Randomization
Author :
Xun Zhan ; Tao Zheng ; Shixiang Gao
Author_Institution :
Software Inst., Nanjing Univ., Nanjing, China
Date :
June 30 2014-July 2 2014
Abstract :
Code reuse attacks such as return-oriented programming, one of the most powerful threats to software systems, rely on the absolute addresses of instructions. Therefore, address space randomization should be an effective defense. However, current randomization techniques either lack sufficient entropy or incur significant time or space overhead. In this paper, we present a novel fine-grained randomization technique at the basic block level. In contrast to previous work, our technique properly handles critical technical challenges, including indirect branches, callbacks and position-independent code, at minimal cost. We implement an efficient prototype randomization system that supports the Linux ELF file format and the x86 architecture. Our evaluation demonstrates that it can successfully defend against ROP attacks with tiny performance overhead (4% on average).
Keywords :
Linux; security of data; software architecture; Linux ELF file format; address space randomization; basic block level randomization; critical technical challenge; defending ROP attacks; code reuse attacks; fine-grained randomization technique; performance overhead; position independent codes; prototype randomization system; randomization techniques; return-oriented programming; software system; x86 architecture; Binary codes; Engines; Entropy; Libraries; Programming; Security; Software; ASLR; randomization; return-oriented programming; software security;
Conference_Title :
Software Security and Reliability-Companion (SERE-C), 2014 IEEE Eighth International Conference on
Conference_Location :
San Francisco, CA
DOI :
10.1109/SERE-C.2014.28