Title :
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization
Author :
Snow, K.Z. ; Monrose, F. ; Davi, L. ; Dmitrienko, A. ; Liebchen, C. ; Sadeghi, A.
Author_Institution :
Dept. of Comput. Sci., Univ. of North Carolina at Chapel Hill, Chapel Hill, NC, USA
Abstract :
Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application's memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets -- all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.
Keywords :
application program interfaces; program compilers; search engines; security of data; API functions; API gadgets; ASLR; Internet Explorer; JIT-compile; attack strategy; fine-grained address space layout randomization; just-in-time code reuse attacks; memory disclosure; runtime attacks; script environment; Layout; Libraries; Payloads; Programming; Registers; Runtime; Security
Conference_Title :
Security and Privacy (SP), 2013 IEEE Symposium on
Conference_Location :
Berkeley, CA
Print_ISBN :
978-1-4673-6166-8
Electronic_ISBN :
1081-6011