Cloning Your Gadgets: Complete ROP Attack Immunity with Multi-Variant Execution
In this paper, we present disjoint code layouts (DCL), a technique that complements multi-variant execution [1] and W\oplus X protection to effectively immunize programs against control flow hijacking exploits such as return oriented programming (ROP) [2] and return-to-libc attacks [3] . DCL impro...
Gespeichert in:
Veröffentlicht in: | IEEE transactions on dependable and secure computing 2016-07, Vol.13 (4), p.437-450 |
---|---|
Hauptverfasser: | , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | In this paper, we present disjoint code layouts (DCL), a technique that complements multi-variant execution [1] and W\oplus X protection to effectively immunize programs against control flow hijacking exploits such as return oriented programming (ROP) [2] and return-to-libc attacks [3] . DCL improves upon address space partitioning (ASP), an earlier technique presented to defeat memory exploits. Unlike ASP, our solution keeps the full virtual address space available to the protected program. Additionally, our combination of DCL with Multi-Variant Execution is transparent to both the user and the programmer and incurs much less overhead than other ROP defense tools, both in terms of run time and memory footprint. |
---|---|
ISSN: | 1545-5971 1941-0018 |
DOI: | 10.1109/TDSC.2015.2411254 |