DOI: 10.5555/2671225.2671253
Article

Oxymoron: making fine-grained memory randomization practical by allowing code sharing

Published: 20 August 2014

    Abstract

    The latest effective defense against code reuse attacks is fine-grained, per-process memory randomization. However, such process randomization prevents code sharing since there is no longer any identical code to share between processes. Without shared libraries, however, tremendous memory savings are forfeit. This drawback may hinder the adoption of fine-grained memory randomization.
    We present Oxymoron, a secure fine-grained memory randomization technique on a per-process level that does not interfere with code sharing. Executables and libraries built with Oxymoron feature 'memory-layout-agnostic code', which runs on a commodity Linux. Our theoretical and practical evaluations show that Oxymoron is the first solution to be secure against just-in-time code reuse attacks and demonstrate that fine-grained memory randomization is feasible without forfeiting the enormous memory savings of shared libraries.


      Published In

      SEC'14: Proceedings of the 23rd USENIX conference on Security Symposium
      August 2014
      1067 pages
      ISBN:9781931971157
      • Program Chair: Kevin Fu

      Sponsors

      • Akamai
      • Google Inc.
      • IBM Research
      • NSF
      • Microsoft Research
      • USENIX Assoc

      Publisher

      USENIX Association

      United States

      Cited By

      • (2023) Accurate Disassembly of Complex Binaries Without Use of Compiler Metadata. Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 4, pp. 1-18. DOI: 10.1145/3623278.3624766. Online publication date: 25-Mar-2023
      • (2022) KASLR in the age of MicroVMs. Proceedings of the Seventeenth European Conference on Computer Systems, pp. 149-165. DOI: 10.1145/3492321.3519578. Online publication date: 28-Mar-2022
      • (2020) Adoption Challenges of Code Randomization. Proceedings of the 7th ACM Workshop on Moving Target Defense, pp. 45-49. DOI: 10.1145/3411496.3421226. Online publication date: 9-Nov-2020
      • (2020) MARDU. Proceedings of the 13th ACM International Systems and Storage Conference, pp. 49-60. DOI: 10.1145/3383669.3398280. Online publication date: 30-May-2020
      • (2019) Safehidden. Proceedings of the 28th USENIX Conference on Security Symposium, pp. 1239-1256. DOI: 10.5555/3361338.3361424. Online publication date: 14-Aug-2019
      • (2019) A Novel and Fine-grained Heap Randomization Allocation Strategy for Effectively Alleviating Heap Buffer Overflow Vulnerabilities. Proceedings of the 2019 4th International Conference on Mathematics and Artificial Intelligence, pp. 115-122. DOI: 10.1145/3325730.3325738. Online publication date: 12-Apr-2019
      • (2019) ProbeGuard. Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 545-558. DOI: 10.1145/3297858.3304073. Online publication date: 4-Apr-2019
      • (2018) Are Timing-Based Side-Channel Attacks Feasible in Shared, Modern Computing Hardware? International Journal of Organizational and Collective Intelligence 8:2, pp. 32-59. DOI: 10.4018/IJOCI.2018040103. Online publication date: 1-Apr-2018
      • (2018) An Exploratory Analysis of Microcode as a Building Block for System Defenses. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1649-1666. DOI: 10.1145/3243734.3243861. Online publication date: 15-Oct-2018
      • (2018) Enforcing Unique Code Target Property for Control-Flow Integrity. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1470-1486. DOI: 10.1145/3243734.3243797. Online publication date: 15-Oct-2018
