poster

Marlin: making it harder to fish for gadgets

Authors:

Aditi Gupta,

Sam Kerr,

Michael S. Kirkpatrick,

Elisa BertinoAuthors Info & Claims

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Pages 1016 - 1018

https://doi.org/10.1145/2382196.2382310

Published: 16 October 2012 Publication History

Get Access

Abstract

Code-reuse attacks, including return-oriented programming (ROP) and jump-oriented programming, bypass defenses against code injection by repurposing existing executable code in application binaries and shared libraries toward a malicious end. A common feature of these attacks is the reliance on the knowledge of the layout of the executable code. We propose a fine grained randomization based approach that modifies the layout of executable code and hinders code-reuse attack. Our solution consists solely of a modified dynamic loader that randomizes the internal structure of the executable code, thereby denying the attacker the necessary apriori knowledge for constructing the desired sequence of gadgets. Our approach has the advantage that it can be applied to any ELF binary and every execution of this binary uses a different randomization. We describe the initial implementation of Marlin, a customized loader for randomization of executable code. Our work shows that such an approach is feasible and significantly increases the level of security against code-reuse attacks.

References

[1]

E. Bhatkar, D. C. Duvarney, and R. Sekar. Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In Proc. of the 12th USENIX Security Symposium, pages 105--120, 2003.

Digital Library

Google Scholar

[2]

S. Checkoway, L. Davi, A. Dmitrienko, A.-R. Sadeghi, H. Shacham, and M. Winandy. Return-oriented programming without returns. In CCS '10. ACM, 2010.

Digital Library

Google Scholar

[3]

C. Cowan, S. Beattie, J. Johansen, and P. Wagle. Pointguard: Protecting pointers from buffer overflow vulnerabilities. In Proc. of the 12th Usenix Security Symposium, 2003.

Digital Library

Google Scholar

[4]

Jonathan Salwan. ROPgadget tool. http://shell-storm.org/project/ROPgadget/.

Google Scholar

[5]

PaX Team. PaX. http://pax.grsecurity.net/.

Google Scholar

[6]

G. Roglia, L. Martignoni, R. Paleari, and D. Bruschi. Surgically returning to randomized lib(c). In ACSAC '09, pages 60--69, dec. 2009.

Digital Library

Google Scholar

[7]

H. Shacham. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In CCS '07, pages 552--561. ACM, 2007.

Digital Library

Google Scholar

[8]

H. Shacham, M. Page, B. Pfaff, E.-J. Goh, N. Modadugu, and D. Boneh. On the effectiveness of address-space randomization. In CCS '04, pages 298--307. ACM, 2004.

Digital Library

Google Scholar

[9]

Solar Designer. Getting around non-executable stack (and fix). August 1997.

Google Scholar

Cited By

View all

Gupta AHabibi JKirkpatrick MBertino E(2015)Marlin: Mitigating Code Reuse Attacks Using Code RandomizationIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2014.234538412:3(326-337)Online publication date: 1-May-2015
https://doi.org/10.1109/TDSC.2014.2345384
Bertino EHartman N(2015)Cybersecurity for product lifecycle management a research roadmap2015 IEEE International Conference on Intelligence and Security Informatics (ISI)10.1109/ISI.2015.7165949(114-119)Online publication date: May-2015
https://doi.org/10.1109/ISI.2015.7165949
Yuan PZeng QDing X(2015)Hardware-Assisted Fine-Grained Code-Reuse Attack DetectionProceedings of the 18th International Symposium on Research in Attacks, Intrusions, and Defenses - Volume 940410.1007/978-3-319-26362-5_4(66-85)Online publication date: 2-Nov-2015
https://dl.acm.org/doi/10.1007/978-3-319-26362-5_4
Show More Cited By

Index Terms

Marlin: making it harder to fish for gadgets
1. Security and privacy
  1. Security services
    1. Access control
  2. Systems security
    1. Operating systems security

Recommendations

Marlin: Mitigating Code Reuse Attacks Using Code Randomization
Code-reuse attacks, such as return-oriented programming (ROP), are a class of buffer overflow attacks that repurpose existing executable code towards malicious purposes. These attacks bypass defenses against code injection attacks by chaining together ...
Beasty Memories: The Quest for Practical Defense against Code Reuse Attacks
TrustED '14: Proceedings of the 4th International Workshop on Trustworthy Embedded Devices

Code reuse attacks such as return-oriented programming (ROP) are predominant attack techniques that are extensively used to exploit vulnerabilities in modern software programs. ROP maliciously combines short instruction sequences (gadgets) residing in ...
Return-Oriented Programming Attack on the Xen Hypervisor
ARES '12: Proceedings of the 2012 Seventh International Conference on Availability, Reliability and Security

In this paper, we present an approach to attackon the Xen hypervisor utilizing return-oriented programming(ROP). It modifies the data in the hypervisor that controlswhether a VM is privileged or not and thus can escalatethe privilege of an unprivileged ...

Comments

Information & Contributors

Information

Published In

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

October 2012

1088 pages

ISBN:9781450316514

DOI:10.1145/2382196

General Chair:
Ting Yu
North Carolina State University, USA
,
Program Chairs:
George Danezis
Microsoft Research Cambridge, UK
,
Virgil Gligor
Carnegie Mellon University, USA

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 October 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Poster

Conference

CCS'12

Sponsor:

SIGSAC

CCS'12: the ACM Conference on Computer and Communications Security

October 16 - 18, 2012

North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
356
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 02 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Gupta AHabibi JKirkpatrick MBertino E(2015)Marlin: Mitigating Code Reuse Attacks Using Code RandomizationIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2014.234538412:3(326-337)Online publication date: 1-May-2015
https://doi.org/10.1109/TDSC.2014.2345384
Bertino EHartman N(2015)Cybersecurity for product lifecycle management a research roadmap2015 IEEE International Conference on Intelligence and Security Informatics (ISI)10.1109/ISI.2015.7165949(114-119)Online publication date: May-2015
https://doi.org/10.1109/ISI.2015.7165949
Yuan PZeng QDing X(2015)Hardware-Assisted Fine-Grained Code-Reuse Attack DetectionProceedings of the 18th International Symposium on Research in Attacks, Intrusions, and Defenses - Volume 940410.1007/978-3-319-26362-5_4(66-85)Online publication date: 2-Nov-2015
https://dl.acm.org/doi/10.1007/978-3-319-26362-5_4
Ding WXing XChen PXin ZMao B(2014)Automatic construction of printable return-oriented programming payload2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE)10.1109/MALWARE.2014.6999408(18-25)Online publication date: Oct-2014
https://doi.org/10.1109/MALWARE.2014.6999408
Jämthagen CKarlsson LStankovski PHell M(2014)eavesROP: Listening for ROP Payloads in Data StreamsInformation Security10.1007/978-3-319-13257-0_25(413-424)Online publication date: 2014
https://doi.org/10.1007/978-3-319-13257-0_25

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Marlin: Mitigating Code Reuse Attacks Using Code Randomization

Beasty Memories: The Quest for Practical Defense against Code Reuse Attacks

Return-Oriented Programming Attack on the Xen Hypervisor

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Marlin: Mitigating Code Reuse Attacks Using Code Randomization

Beasty Memories: The Quest for Practical Defense against Code Reuse Attacks

Return-Oriented Programming Attack on the Xen Hypervisor

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations