-
-
[转帖]Efficient and Fine-grained Address Space Randomization
-
发表于: 2012-10-29 14:15 1286
-
Efficient and Fine-grained Address Space Randomization
by Cristiano Giuffrida, Anton Kuijsten, Andrew S. Tanenbaum
Efficient and Fine-grained Address Space Randomization.rar
by Cristiano Giuffrida, Anton Kuijsten, Andrew S. Tanenbaum
In recent years, the deployment of many application-level countermeasures against memory errors and the increasing number of vulnerabilities discovered in the kernel has fostered a renewed interest in kernel-level exploitation. Unfortunately, no comprehensive and well-established mechanism exists to protect the operating system from arbitrary attacks, due to the relatively new development of the area and the challenges involved.
In this paper, we propose the first design for fine-grained address space randomization (ASR) inside the operating system (OS), providing an efficient and comprehensive countermeasure against classic and emerging attacks, such as return-oriented programming. To motivate our design, we investigate the differences with application-level ASR and find that some of the well-established assumptions in existing solutions are no longer valid inside the OS; above all, perhaps, that information leakage becomes a major concern in the new context. We show that our ASR strategy outperforms state-of-the-art solutions in terms of both performance and security without affecting the software distribution model. Finally, we present the first comprehensive live re-randomization strategy, which we found to be particularly important inside the OS. Experimental results demonstrate that our techniques yield low run-time performance overhead (less than 5% on average on both SPEC and syscall-intensive benchmarks) and limited run-time memory footprint increase (around 15% during the execution of our benchmarks). We believe our techniques can greatly enhance the level of OS security without compromising the performance and reliability of the OS.
Efficient and Fine-grained Address Space Randomization.rar
赞赏
他的文章
- [转帖]IDM.Computer.Solutions.UltraEdit.Enterprise.v2024.1.0.36.x64.Incl.Keyfilemaker-BTCR 1796
- [转帖]IDM.Computer.Solutions.UEStudio.Enterprise.v2024.1.0.36.x64.Incl.Keyfilemaker-BTCR 1804
- [转帖]IDM.Computer.Solutions.UltraFinder.Enterprise.v2023.0.0.17.x64.Incl.Keyfilemaker-BTCR 1681
- [转帖]JEB Decompiler 5.20.0.202411121942 mod by CXV 1710
- [转帖]Tenorshare.4uKey.for.Android.v2.1.1-AMPED 941
看原图
赞赏
雪币:
留言: