Fine-Grained Address Space Layout Randomization on Program Load

Fine-Grained Address Space Layout Randomization on Program Load

Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms preventing their exploitation, especially with a rapid increase of ROP attacks. State of the art protection mechanisms have some drawbacks that can be used by attackers. In this paper, we propose...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Programming and computer software 2018-09, Vol.44 (5), p.363-370
Hauptverfasser: Nurmukhametov, A. R., Zhabotinskiy, E. A., Kurmangaleev, Sh. F., Gaissaryan, S. S., Vishnyakov, A. V.
Format: Artikel
Sprache:eng
Schlagworte:
Artificial Intelligence
Computer Science
Decomposition
Exploitation
Layouts
Libraries
Operating Systems
Performance enhancement
Permutations
Randomization
Software
Software Engineering
Software Engineering/Programming and Operating Systems
Work capacity
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 370
container_issue 5
container_start_page 363
container_title Programming and computer software
container_volume 44
creator Nurmukhametov, A. R.
Zhabotinskiy, E. A.
Kurmangaleev, Sh. F.
Gaissaryan, S. S.
Vishnyakov, A. V.
description Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms preventing their exploitation, especially with a rapid increase of ROP attacks. State of the art protection mechanisms have some drawbacks that can be used by attackers. In this paper, we propose fine-grained address space layout randomization on program load that is able to protect from such kind of attacks. During the static linking stage, the executable and library files are supplemented with information about function boundaries and relocations. A system dynamic linker/loader uses this information to perform permutation of functions. The proposed method was implemented for 64-bit programs on CentOS 7 operating system. The implemented method has shown good resistance to ROP attacks evaluated by two metrics: the number of survived gadgets and the exploitability estimation of ROP chain examples. The implementation presented in this article is applicable across the entire operating system and has no compatibility problems affecting the program performance. The working capacity of proposed approach was demonstrated on real programs. The further research can cover forking randomization and finer granularity than on the function level. It also makes sense to implement the randomization of short functions placement taking into account the relationships between them. The close arrangement of functions that often call each other can improve the performance of individual programs.
doi_str_mv 10.1134/S0361768818050080
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2918496089</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2918496089</sourcerecordid><originalsourceid>FETCH-LOGICAL-c364t-c16da51d7fc82e7f523e5f6008641662a93eeafd49a04e09dc6580a3e97c25a83</originalsourceid><addsrcrecordid>eNp1UE1LAzEQDaJgrf4AbwueV2eSbDZ7klJsFRYUq-dlSLJli93UZPdQf70pFTyIMPAO72NmHmPXCLeIQt6tQCgsldaooQDQcMImqEDngis8ZZMDnR_4c3YR4wYAAaScsPtF17t8GSiBzWbWBhdjttqRcVlNez8O2Sv11m-7Lxo632dpXoJfB9pmtSd7yc5a-oju6gen7H3x8DZ_zOvn5dN8VudGKDnkBpWlAm3ZGs1d2RZcuKJV6VAlUSlOlXCOWisrAumgskYVGki4qjS8IC2m7OaYuwv-c3RxaDZ-DH1a2fAKtazSr1VS4VFlgo8xuLbZhW5LYd8gNIeemj89JQ8_emLS9msXfpP_N30DRZdoKg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2918496089</pqid></control><display><type>article</type><title>Fine-Grained Address Space Layout Randomization on Program Load</title><source>AUTh Library subscriptions: ProQuest Central</source><source>SpringerLink Journals - AutoHoldings</source><source>ProQuest Central</source><creator>Nurmukhametov, A. R. ; Zhabotinskiy, E. A. ; Kurmangaleev, Sh. F. ; Gaissaryan, S. S. ; Vishnyakov, A. V.</creator><creatorcontrib>Nurmukhametov, A. R. ; Zhabotinskiy, E. A. ; Kurmangaleev, Sh. F. ; Gaissaryan, S. S. ; Vishnyakov, A. V.</creatorcontrib><description>Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms preventing their exploitation, especially with a rapid increase of ROP attacks. State of the art protection mechanisms have some drawbacks that can be used by attackers. In this paper, we propose fine-grained address space layout randomization on program load that is able to protect from such kind of attacks. During the static linking stage, the executable and library files are supplemented with information about function boundaries and relocations. A system dynamic linker/loader uses this information to perform permutation of functions. The proposed method was implemented for 64-bit programs on CentOS 7 operating system. The implemented method has shown good resistance to ROP attacks evaluated by two metrics: the number of survived gadgets and the exploitability estimation of ROP chain examples. The implementation presented in this article is applicable across the entire operating system and has no compatibility problems affecting the program performance. The working capacity of proposed approach was demonstrated on real programs. The further research can cover forking randomization and finer granularity than on the function level. It also makes sense to implement the randomization of short functions placement taking into account the relationships between them. The close arrangement of functions that often call each other can improve the performance of individual programs.</description><identifier>ISSN: 0361-7688</identifier><identifier>EISSN: 1608-3261</identifier><identifier>DOI: 10.1134/S0361768818050080</identifier><language>eng</language><publisher>Moscow: Pleiades Publishing</publisher><subject>Artificial Intelligence ; Computer Science ; Decomposition ; Exploitation ; Layouts ; Libraries ; Operating Systems ; Performance enhancement ; Permutations ; Randomization ; Software ; Software Engineering ; Software Engineering/Programming and Operating Systems ; Work capacity</subject><ispartof>Programming and computer software, 2018-09, Vol.44 (5), p.363-370</ispartof><rights>Pleiades Publishing, Ltd. 2018</rights><rights>Pleiades Publishing, Ltd. 2018.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c364t-c16da51d7fc82e7f523e5f6008641662a93eeafd49a04e09dc6580a3e97c25a83</citedby><cites>FETCH-LOGICAL-c364t-c16da51d7fc82e7f523e5f6008641662a93eeafd49a04e09dc6580a3e97c25a83</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1134/S0361768818050080$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://www.proquest.com/docview/2918496089?pq-origsite=primo$$EHTML$$P50$$Gproquest$$H</linktohtml><link.rule.ids>314,780,784,21379,27915,27916,33735,41479,42548,43796,51310,64374,64378,72230</link.rule.ids></links><search><creatorcontrib>Nurmukhametov, A. R.</creatorcontrib><creatorcontrib>Zhabotinskiy, E. A.</creatorcontrib><creatorcontrib>Kurmangaleev, Sh. F.</creatorcontrib><creatorcontrib>Gaissaryan, S. S.</creatorcontrib><creatorcontrib>Vishnyakov, A. V.</creatorcontrib><title>Fine-Grained Address Space Layout Randomization on Program Load</title><title>Programming and computer software</title><addtitle>Program Comput Soft</addtitle><description>Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms preventing their exploitation, especially with a rapid increase of ROP attacks. State of the art protection mechanisms have some drawbacks that can be used by attackers. In this paper, we propose fine-grained address space layout randomization on program load that is able to protect from such kind of attacks. During the static linking stage, the executable and library files are supplemented with information about function boundaries and relocations. A system dynamic linker/loader uses this information to perform permutation of functions. The proposed method was implemented for 64-bit programs on CentOS 7 operating system. The implemented method has shown good resistance to ROP attacks evaluated by two metrics: the number of survived gadgets and the exploitability estimation of ROP chain examples. The implementation presented in this article is applicable across the entire operating system and has no compatibility problems affecting the program performance. The working capacity of proposed approach was demonstrated on real programs. The further research can cover forking randomization and finer granularity than on the function level. It also makes sense to implement the randomization of short functions placement taking into account the relationships between them. The close arrangement of functions that often call each other can improve the performance of individual programs.</description><subject>Artificial Intelligence</subject><subject>Computer Science</subject><subject>Decomposition</subject><subject>Exploitation</subject><subject>Layouts</subject><subject>Libraries</subject><subject>Operating Systems</subject><subject>Performance enhancement</subject><subject>Permutations</subject><subject>Randomization</subject><subject>Software</subject><subject>Software Engineering</subject><subject>Software Engineering/Programming and Operating Systems</subject><subject>Work capacity</subject><issn>0361-7688</issn><issn>1608-3261</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2018</creationdate><recordtype>article</recordtype><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GNUQQ</sourceid><recordid>eNp1UE1LAzEQDaJgrf4AbwueV2eSbDZ7klJsFRYUq-dlSLJli93UZPdQf70pFTyIMPAO72NmHmPXCLeIQt6tQCgsldaooQDQcMImqEDngis8ZZMDnR_4c3YR4wYAAaScsPtF17t8GSiBzWbWBhdjttqRcVlNez8O2Sv11m-7Lxo632dpXoJfB9pmtSd7yc5a-oju6gen7H3x8DZ_zOvn5dN8VudGKDnkBpWlAm3ZGs1d2RZcuKJV6VAlUSlOlXCOWisrAumgskYVGki4qjS8IC2m7OaYuwv-c3RxaDZ-DH1a2fAKtazSr1VS4VFlgo8xuLbZhW5LYd8gNIeemj89JQ8_emLS9msXfpP_N30DRZdoKg</recordid><startdate>20180901</startdate><enddate>20180901</enddate><creator>Nurmukhametov, A. R.</creator><creator>Zhabotinskiy, E. A.</creator><creator>Kurmangaleev, Sh. F.</creator><creator>Gaissaryan, S. S.</creator><creator>Vishnyakov, A. V.</creator><general>Pleiades Publishing</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope><scope>8FE</scope><scope>8FG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>P5Z</scope><scope>P62</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope></search><sort><creationdate>20180901</creationdate><title>Fine-Grained Address Space Layout Randomization on Program Load</title><author>Nurmukhametov, A. R. ; Zhabotinskiy, E. A. ; Kurmangaleev, Sh. F. ; Gaissaryan, S. S. ; Vishnyakov, A. V.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c364t-c16da51d7fc82e7f523e5f6008641662a93eeafd49a04e09dc6580a3e97c25a83</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2018</creationdate><topic>Artificial Intelligence</topic><topic>Computer Science</topic><topic>Decomposition</topic><topic>Exploitation</topic><topic>Layouts</topic><topic>Libraries</topic><topic>Operating Systems</topic><topic>Performance enhancement</topic><topic>Permutations</topic><topic>Randomization</topic><topic>Software</topic><topic>Software Engineering</topic><topic>Software Engineering/Programming and Operating Systems</topic><topic>Work capacity</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Nurmukhametov, A. R.</creatorcontrib><creatorcontrib>Zhabotinskiy, E. A.</creatorcontrib><creatorcontrib>Kurmangaleev, Sh. F.</creatorcontrib><creatorcontrib>Gaissaryan, S. S.</creatorcontrib><creatorcontrib>Vishnyakov, A. V.</creatorcontrib><collection>CrossRef</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central</collection><collection>Advanced Technologies &amp; Aerospace Database‎ (1962 - current)</collection><collection>ProQuest Central Essentials</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer Science Database</collection><collection>Advanced Technologies &amp; Aerospace Database</collection><collection>ProQuest Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><jtitle>Programming and computer software</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Nurmukhametov, A. R.</au><au>Zhabotinskiy, E. A.</au><au>Kurmangaleev, Sh. F.</au><au>Gaissaryan, S. S.</au><au>Vishnyakov, A. V.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Fine-Grained Address Space Layout Randomization on Program Load</atitle><jtitle>Programming and computer software</jtitle><stitle>Program Comput Soft</stitle><date>2018-09-01</date><risdate>2018</risdate><volume>44</volume><issue>5</issue><spage>363</spage><epage>370</epage><pages>363-370</pages><issn>0361-7688</issn><eissn>1608-3261</eissn><abstract>Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms preventing their exploitation, especially with a rapid increase of ROP attacks. State of the art protection mechanisms have some drawbacks that can be used by attackers. In this paper, we propose fine-grained address space layout randomization on program load that is able to protect from such kind of attacks. During the static linking stage, the executable and library files are supplemented with information about function boundaries and relocations. A system dynamic linker/loader uses this information to perform permutation of functions. The proposed method was implemented for 64-bit programs on CentOS 7 operating system. The implemented method has shown good resistance to ROP attacks evaluated by two metrics: the number of survived gadgets and the exploitability estimation of ROP chain examples. The implementation presented in this article is applicable across the entire operating system and has no compatibility problems affecting the program performance. The working capacity of proposed approach was demonstrated on real programs. The further research can cover forking randomization and finer granularity than on the function level. It also makes sense to implement the randomization of short functions placement taking into account the relationships between them. The close arrangement of functions that often call each other can improve the performance of individual programs.</abstract><cop>Moscow</cop><pub>Pleiades Publishing</pub><doi>10.1134/S0361768818050080</doi><tpages>8</tpages></addata></record>
fulltext fulltext
identifier ISSN: 0361-7688
ispartof Programming and computer software, 2018-09, Vol.44 (5), p.363-370
issn 0361-7688
1608-3261
language eng
recordid cdi_proquest_journals_2918496089
source AUTh Library subscriptions: ProQuest Central; SpringerLink Journals - AutoHoldings; ProQuest Central
subjects Artificial Intelligence
Computer Science
Decomposition
Exploitation
Layouts
Libraries
Operating Systems
Performance enhancement
Permutations
Randomization
Software
Software Engineering
Software Engineering/Programming and Operating Systems
Work capacity
title Fine-Grained Address Space Layout Randomization on Program Load
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-14T19%3A21%3A31IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Fine-Grained%20Address%20Space%20Layout%20Randomization%20on%20Program%20Load&rft.jtitle=Programming%20and%20computer%20software&rft.au=Nurmukhametov,%20A.%20R.&rft.date=2018-09-01&rft.volume=44&rft.issue=5&rft.spage=363&rft.epage=370&rft.pages=363-370&rft.issn=0361-7688&rft.eissn=1608-3261&rft_id=info:doi/10.1134/S0361768818050080&rft_dat=%3Cproquest_cross%3E2918496089%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2918496089&rft_id=info:pmid/&rfr_iscdi=true