Data Space Randomization
Detection of Intrusions and Malware & Vulnerability Assessment (2008)
Abstract
Over the past several years, US-CERT advisories, as well as most critical updates from software vendors, have been due to
memory corruption vulnerabilities such as buffer overflows, heap overflows, etc. Several techniques have been developed to
defend against the exploitation of these vulnerabilities, with the most promising defenses being based on randomization. Two
randomization techniques have been explored so far: address space randomization (ASR) that randomizes the location of objects
in virtual memory, and instruction set randomization (ISR) that randomizes the representation of code. We explore a third
form of randomization called data space randomization (DSR) that randomizes the representation of data stored in program memory.
Unlike ISR, DSR is effective against non-control data attacks as well as code injection attacks. Unlike ASR, it can protect
against corruption of non-pointer data as well as pointer-valued data. Moreover, DSR provides a much higher range of randomization
(typically 2^32 for 32-bit data) as compared to ASR. Other interesting aspects of DSR include (a) it does not share a weakness common to
randomization-based defenses, namely, susceptibility to information leakage attacks, and (b) it is capable of detecting some
exploits that are missed by full bounds-checking techniques, e.g., some of the overflows from one field of a structure to
the next field. Our implementation results show that with appropriate design choices, DSR can achieve a performance overhead
in the range of 5% to 30% for a range of programs.
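
The structure-field overflow case mentioned in the abstract, as an added example that is not code from the paper. It assumes the randomization is an XOR with a separate mask per field, which the abstract itself does not specify; the record layout, function names and mask values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Modelled record: name[8] at offset 0, uint32 is_admin at offset 8. */
enum { NAME_LEN = 8, ADMIN_OFF = 8, REC_LEN = 12 };

/* Deliberately buggy copy: n is never checked against NAME_LEN. Under DSR
   (assumed here to be XOR masking), every store made through 'name' is
   XORed with name's own mask. */
static void store_name(uint8_t *rec, const uint8_t *src, size_t n,
                       int dsr, uint8_t name_mask) {
    for (size_t i = 0; i < n && i < REC_LEN; i++)  /* clamp keeps the model in bounds */
        rec[i] = dsr ? (uint8_t)(src[i] ^ name_mask) : src[i];
}

static void store_admin(uint8_t *rec, uint32_t v, int dsr, uint32_t admin_mask) {
    uint32_t stored = dsr ? (v ^ admin_mask) : v;
    memcpy(rec + ADMIN_OFF, &stored, sizeof stored);
}

static uint32_t load_admin(const uint8_t *rec, int dsr, uint32_t admin_mask) {
    uint32_t stored;
    memcpy(&stored, rec + ADMIN_OFF, sizeof stored);
    return dsr ? (stored ^ admin_mask) : stored;
}

/* Overflows name into is_admin with bytes chosen to set it to 'want';
   returns the value the program subsequently reads as is_admin. */
uint32_t admin_after_overflow(int dsr, uint8_t name_mask, uint32_t admin_mask,
                              uint32_t want) {
    uint8_t rec[REC_LEN] = {0};
    uint8_t input[REC_LEN];                  /* constructed oversized input */
    memset(input, 'A', NAME_LEN);
    memcpy(input + NAME_LEN, &want, sizeof want);
    store_admin(rec, 0, dsr, admin_mask);    /* legitimate write: not admin */
    store_name(rec, input, sizeof input, dsr, name_mask);
    return load_admin(rec, dsr, admin_mask);
}

int main(void) {
    /* Fixed masks so the run is repeatable; a real scheme would pick them at random. */
    printf("no DSR: is_admin = 0x%08x\n",
           (unsigned)admin_after_overflow(0, 0x5a, 0xdeadbeefu, 1));
    printf("DSR:    is_admin = 0x%08x\n",
           (unsigned)admin_after_overflow(1, 0x5a, 0xdeadbeefu, 1));
    return 0;
}
```

Because the overflow stays inside the structure, an object-level bounds check would not flag it; with distinct masks the adjacent field decodes to a value that depends on both masks rather than on the input alone.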
Keywords
randomization technique, buffer overflow, non-pointer data, memory corruption, instruction set randomization, address space randomization, data space randomization, memory error, non-control data attack, 32-bit data, pointer-valued data, higher range, virtual memory