Secure the commodity applications against address exposure attacks

X Wang, Y Qi - 2017 IEEE Symposium on Computers and …, 2017 - ieeexplore.ieee.org
X Wang, Y Qi
2017 IEEE Symposium on Computers and Communications (ISCC), 2017ieeexplore.ieee.org
Remote server vulnerability exploit is one of the most troublesome threat to the Internet
security. An effective defense against the remote vulnerability exploit is code randomization,
which randomizes the program code address to disrupt the malicious payload execution.
Unfortunately, code randomization is particularly susceptible to address exposure
vulnerabilities; the leak of a single code or data pointer is often sufficient to de-randomize
the protected process. Existing solutions either prevent part of the address exposures (eg …
Remote server vulnerability exploit is one of the most troublesome threat to the Internet security. An effective defense against the remote vulnerability exploit is code randomization, which randomizes the program code address to disrupt the malicious payload execution. Unfortunately, code randomization is particularly susceptible to address exposure vulnerabilities; the leak of a single code or data pointer is often sufficient to de-randomize the protected process. Existing solutions either prevent part of the address exposures (e.g., code-pointer exposure only), or are too heavyweight (e.g., have to involve a hypervisor software or a modified OS kernel). In this paper, we propose AXIS that can provide existing code randomization techniques with a comprehensive protection against address exposure. AXIS first redirects the code pointers through an indirection table that is protected by the execute-no-read memory segment. During the load time, all static data will be relocated to random locations, which breaks the fixed offsets between code and data. We have implemented a prototype of AXIS with only a customized compiler and a pre-loaded library. Our experiments show that AXIS can successfully eliminate address exposure with a minimal performance overhead.
ieeexplore.ieee.org
Showing the best result for this search. See all results