Advanced search
1 file | 860.57 KB Add to list

Cloning your gadgets: complete ROP attack immunity with multi-variant execution

Stijn Volckaert (UGent) , Bart Coppens (UGent) and Bjorn De Sutter (UGent)
Author
Organization
Abstract
In this paper, we present Disjoint Code Layouts (DCL), a technique that complements Multi-Variant Execution and WX protection to effectively immunize programs against control flow hijacking exploits such as Return Oriented Programming (ROP) and return-to-libc attacks. DCL improves upon Address Space Partitioning (ASP), an earlier technique presented to defeat memory exploits. Unlike ASP, our solution keeps the full virtual address space available to the protected program. Additionally, our combination of DCL with Multi-Variant Execution is transparent to both the user and the programmer and incurs much less overhead than other ROP defense tools, both in terms of run time and memory footprint.
Keywords
protection, overhead, memory exploits, monitoring, return-to-libc, return oriented programming, replication

Downloads

  • (...).pdf
    • full text
    • |
    • UGent only
    • |
    • PDF
    • |
    • 860.57 KB

Citation

Please use this url to cite or link to this publication:

MLA
Volckaert, Stijn, Bart Coppens, and Bjorn De Sutter. “Cloning Your Gadgets: Complete ROP Attack Immunity with Multi-variant Execution.” IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING 13.4 (2016): 437–450. Print.
APA
Volckaert, S., Coppens, B., & De Sutter, B. (2016). Cloning your gadgets: complete ROP attack immunity with multi-variant execution. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 13(4), 437–450.
Chicago author-date
Volckaert, Stijn, Bart Coppens, and Bjorn De Sutter. 2016. “Cloning Your Gadgets: Complete ROP Attack Immunity with Multi-variant Execution.” Ieee Transactions on Dependable and Secure Computing 13 (4): 437–450.
Chicago author-date (all authors)
Volckaert, Stijn, Bart Coppens, and Bjorn De Sutter. 2016. “Cloning Your Gadgets: Complete ROP Attack Immunity with Multi-variant Execution.” Ieee Transactions on Dependable and Secure Computing 13 (4): 437–450.
Vancouver
1.
Volckaert S, Coppens B, De Sutter B. Cloning your gadgets: complete ROP attack immunity with multi-variant execution. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING. IEEE; 2016;13(4):437–50.
IEEE
[1]
S. Volckaert, B. Coppens, and B. De Sutter, “Cloning your gadgets: complete ROP attack immunity with multi-variant execution,” IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, vol. 13, no. 4, pp. 437–450, 2016.
@article{5969913,
  abstract     = {{In this paper, we present Disjoint Code Layouts (DCL), a technique that complements Multi-Variant Execution and WX protection to effectively immunize programs against control flow hijacking exploits such as Return Oriented Programming (ROP) and return-to-libc attacks. DCL improves upon Address Space Partitioning (ASP), an earlier technique presented to defeat memory exploits. Unlike ASP, our solution keeps the full virtual address space available to the protected program. Additionally, our combination of DCL with Multi-Variant Execution is transparent to both the user and the programmer and incurs much less overhead than other ROP defense tools, both in terms of run time and memory footprint.}},
  author       = {{Volckaert, Stijn and Coppens, Bart and De Sutter, Bjorn}},
  issn         = {{1545-5971}},
  journal      = {{IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING}},
  keywords     = {{protection,overhead,memory exploits,monitoring,return-to-libc,return oriented programming,replication}},
  language     = {{eng}},
  number       = {{4}},
  pages        = {{437--450}},
  publisher    = {{IEEE}},
  title        = {{Cloning your gadgets: complete ROP attack immunity with multi-variant execution}},
  url          = {{http://dx.doi.org/10.1109/TDSC.2015.2411254}},
  volume       = {{13}},
  year         = {{2016}},
}

Altmetric
View in Altmetric
Web of Science
Times cited: