Secure and Practical Defense Against Code-Injection Attacks using Software Dynamic Translation

Detailed bibliography
Title: Secure and Practical Defense Against Code-Injection Attacks using Software Dynamic Translation
Authors: Hu, Wei, Hiser, Jason, Williams, Dan, Filipi, Adrian, Davidson, Jack W., Evans, David, Knight, John C., Nguyen-Tuong, Anh, Rowanhill, Jonathan
Contributors: VIRGINIA UNIV CHARLOTTESVILLE DEPT OF COMPUTER SCIENCE
Source: DTIC
Year of publication: 2006
Collection: Defense Technical Information Center: DTIC Technical Reports database
Subjects: Computer Systems Management and Standards, DATA PROCESSING SECURITY, COMPUTER PROGRAMS, ALGORITHMS, VULNERABILITY, SYMPOSIA, CRYPTOGRAPHY, VIRTUAL EXECUTION, SOFTWARE DYNAMIC TRANSLATION, ISR(INSTRUCTION-SET RANDOMIZATION), CODE-INJECTION ATTACKS, AES(ADVANCED ENCRYPTION STANDARD), MALICIOUS CODE
Description: One of the most common forms of security attacks involves exploiting a vulnerability to inject malicious code into an executing application and then cause the injected code to be executed. A theoretically strong approach to defending against any type of code-injection attack is to create and use a process-specific instruction set that is created by a randomization algorithm. Code injected by an attacker who does not know the randomization key will be invalid for the randomized processor, effectively thwarting the attack. This paper describes a secure and efficient implementation of instruction-set randomization (ISR) using software dynamic translation. The paper makes three contributions beyond previous work on ISR. First, we describe an implementation that uses a strong cipher algorithm, the Advanced Encryption Standard (AES), to perform randomization. AES is generally believed to be impervious to known attack methodologies. Second, we demonstrate that ISR using AES can be implemented practically and efficiently (considering both execution time and code size overheads) without requiring special hardware support. The third contribution is that our approach detects malicious code before it is executed. Previous approaches relied on probabilistic arguments that execution of non-randomized foreign code would eventually cause a fault or runtime exception. Presented at the International Conference on Virtual Execution Environments (2nd) held in Ottawa, Canada on 14-16 Jun 2006. Published in the Proceedings of the International Conference on Virtual Execution Environments (2nd), 2006. Sponsored in part by National Science Foundation Grant nos. CNS-0305144 and CNS-0524432. The original document contains color images.
Document type: text
File description: text/html
Language: English
Relation: http://www.dtic.mil/docs/citations/ADA465213
Availability: http://www.dtic.mil/docs/citations/ADA465213
http://oai.dtic.mil/oai/oai?&verb=getRecord&metadataPrefix=html&identifier=ADA465213
Rights: Approved for public release; distribution is unlimited. This document is not available from DTIC in microfiche.
Accession number: edsbas.48344042
Database: BASE