DOI: 10.1145/3411496.3421226
research-article
Open access

Adoption Challenges of Code Randomization

Published: 09 November 2020

Abstract

Languages in the C family are distinguished by their efficiency, maturity, and lack of guardrails compared to other mainstream languages in use today. Their efficiency properties kept these languages relevant as new ones appeared. Their lack of memory safety and the resulting vulnerabilities are an ongoing challenge.
Code randomization, a moving target defense technique, is one among many competing answers to this challenge. Many techniques have been proposed and evaluated extensively in academic conferences but adoption in the field is lagging. The goal of this paper is to highlight why adoption is so hard and what can be done about it. Code randomization techniques offer much flexibility in their design and implementation. We encourage research that investigates the complex trade-offs between security and many equally important concerns that must be made for enhanced code randomization defenses to make their way into production.

Cited By

  • (2022) KPointer: Keep the code pointers on the stack point to the right code. Computers & Security. 10.1016/j.cose.2022.102781 (102781). Online publication date: Jun-2022
  • (2022) Moving Target Defense. Encyclopedia of Cryptography, Security and Privacy. 10.1007/978-3-642-27739-9_1770-1 (1-4). Online publication date: 29-Nov-2022
  • (2021) A Software Diversity-Based Lab in Operating System for Cyber Security Students. 2021 IEEE 3rd International Conference on Computer Science and Educational Informatization (CSEI). 10.1109/CSEI51395.2021.9477732 (296-299). Online publication date: 18-Jun-2021

Published In

MTD'20: Proceedings of the 7th ACM Workshop on Moving Target Defense
November 2020
96 pages
ISBN: 9781450380850
DOI: 10.1145/3411496
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. code randomization
  2. exploits
  3. mitigations
  4. moving target defense

Qualifiers

  • Research-article

Funding Sources

  • United States Office of Naval Research

Conference

CCS '20

Acceptance Rates

Overall Acceptance Rate 40 of 92 submissions, 43%

Bibliometrics

Article Metrics

  • Downloads (Last 12 months): 185
  • Downloads (Last 6 weeks): 30
Reflects downloads up to 09 Nov 2024
