Control Flow Protection Against Return Oriented Attacks

  • Álvaro Rincón UFRJ / Inmetro
  • Davidson Boccardo Inmetro
  • Luci Pirmez UFRJ
  • Luiz Fernando Rust UFRJ / Inmetro

Resumo


Recent ROP (Return Oriented Programming) attacks are characterized by evading traditional protection methods, encouraging the scientific community to seek for a reliable and practical security solution. This work presents a novel technique based on control flow protection, and with a low overhead, making it suitable for constrained architectures in terms of processing, storage and energy. A prototype of the protection technique was developed and tested for ARM-Linux environment. The results show that our solution is effective and capable of preventing such ROP attacks with negligible overhead.

Referências

Abadi, Martín, et al. (2009) "Control-flow integrity principles, implementations, and applications." ACM Transactions on Information and System Security (TISSEC) 13.1 (2009): 4.

Alhazmi et al. 2007 Alhazmi, O. H., Malaiya, Y. K., and Ray, I. (2007). Measuring, analyzing and predicting security vulnerabilities in software systems. Computers & Security, 26(3):219–228.

Bletsch, Tyler, Xuxian Jiang, and Vince Freeh. (2011) "Mitigating code-reuse attacks with control-flow locking." Proceedings of the 27th Annual Computer Security Applications Conference. ACM.

Christian Collberg and Jasvir Nagra. (2009). Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection (1st ed.). Addison-Wesley Professional.

Huang, Zi-Shun, and Ian G. Harris. (2012) "Return-oriented vulnerabilities in ARM executables." Homeland Security (HST), 2012 IEEE Conference on Technologies for. IEEE.

Itzhak(Zuk) Avraham. (2011) Non-Executable Stack ARM Exploitation Research Paper. In BlackHat Security Convention. [link].

Pappas, Vasilis, Michalis Polychronakis, and Angelos D. Keromytis. (2012) "Smashing the gadgets: Hindering return-oriented programming using in-place code randomization." Security and Privacy (SP), 2012 IEEE Symposium on. IEEE.
Publicado
09/11/2015
RINCÓN, Álvaro; BOCCARDO, Davidson; PIRMEZ, Luci; RUST, Luiz Fernando. Control Flow Protection Against Return Oriented Attacks. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 15. , 2015, Florianópolis. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2015 . p. 346-349. DOI: https://doi.org/10.5753/sbseg.2015.20112.

Artigos mais lidos do(s) mesmo(s) autor(es)

<< < 1 2