Practical Software Diversification Using In-Place Code Randomization

Abstract

The wide adoption of non-executable page protections has given rise to attacks that employ return-oriented programming (ROP) to achieve arbitrary code execution without the injection of any code. Existing defenses against ROP exploits either require source code or symbolic debugging information, or impose a significant runtime overhead, which limits their applicability for the protection of third-party applications. Aiming for a practical mitigation against ROP attacks, we introduce in-place code randomization, a software diversification technique that can be applied directly on third-party software. Our method uses various narrow-scope code transformations that can be applied statically, without changing the location of basic blocks, allowing the safe randomization of stripped binaries even with partial disassembly coverage. We demonstrate how in-place code randomization can prevent the exploitation of vulnerable Windows 7 applications, including Adobe Reader, as well as the automated construction of reliable ROP payloads.

Document Details

Document Type
Technical Report
Publication Date
Aug 23, 2012
Accession Number
AD1145632

Entities

People

  • Angelos Dennis Keromytis
  • Michalis Polychronakis
  • Vasilis Pappas

Organizations

  • Columbia University

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Algorithms
  • Code Injection
  • Compilers
  • Computations
  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Data Sets
  • Debugging
  • Instruction Set Architecture
  • Instrumentation
  • Language
  • Machine Languages
  • Operating Systems
  • Prototypes

Fields of Study

  • Computer science
  • Engineering

Readers

  • Computer Programming and Software Development
  • Cybersecurity
  • Database Systems and Applications