Countering code-injection attacks with instruction-set randomization

Authors: Gaurav S. Kc, Angelos D. Keromytis, Vassilis Prevelakis

DOI: 10.1145/948109.948146

Abstract: We describe a new, general approach for safeguarding systems against any type of code-injection attack. We apply Kerckhoff's principle, by creating process-specific randomized instruction sets (e.g., machine instructions) of the system executing potentially vulnerable software. An attacker who does not know the key to the randomization algorithm will inject code that is invalid for that randomized processor, causing a runtime exception. To determine the difficulty of integrating support for the proposed mechanism in the operating system, we modified the Linux kernel, the GNU binutils tools, and the bochs-x86 emulator. Although the performance penalty is significant, our prototype demonstrates the feasibility of the approach, and should be directly usable on a suitably modified processor (e.g., the Transmeta Crusoe). Our approach is equally applicable against code-injecting attacks in scripting and interpreted languages, e.g., web-based SQL injection. We demonstrate this by modifying the Perl interpreter to permit randomized script execution. The performance penalty in this case is minimal. Where our proposed approach is feasible (i.e., in an emulated environment, in the presence of programmable or specialized hardware, or in interpreted languages), it can serve as a low-overhead protection mechanism, and can easily complement other mechanisms.
