Software Profiling Options and Their Effects on Security Based Diversification

MTD '14 Pub Date : 2014-11-07 DOI:10.1145/2663474.2663485
Mark Murphy, Per Larsen, Stefan Brunthaler, M. Franz
Citations: 7

Abstract

Imparting diversity to binaries by inserting garbage instructions is an effective defense against code-reuse attacks. Relocating and breaking up code gadgets removes an attacker's ability to craft attacks by merely studying the existing code on their own computer. Unfortunately, inserting garbage instructions also slows down program execution. The use of profiling enables optimizations that alleviate much of this overhead, while still maintaining the high level of security needed to deter attacks. These optimizations are performed by varying the probability for the insertion of a garbage instruction at any particular location in the binary. The hottest regions of code get the smallest amount of diversification, while the coldest regions get the most diversification. We show that static and dynamic profiling methods both reduce run-time overhead to under 2.5% while preventing over 95% of original gadgets from appearing in any diversified binary. We compare static and dynamic profiling and find that dynamic profiling has a slight performance advantage in a best-case scenario. But we also show that dynamic profiling results can suffer greatly from bad training input. Additionally, we find that static profiling creates smaller binary files than dynamic profiling, and that the two methods offer nearly identical security characteristics.