TY - GEN
T1 - Transparent runtime randomization for security
AU - Xu, Jun
AU - Kalbarczyk, Zbigniew
AU - Iyer, Ravishankar K.
N1 - Copyright:
Copyright 2011 Elsevier B.V., All rights reserved.
PY - 2003
Y1 - 2003
N2 - A large class of security attacks exploit software implementation vulnerabilities such as unchecked buffers. This paper proposes Transparent Runtime Randomization (TRR), a generalized approach for protecting against a wide range of security attacks. TRR dynamically and randomly relocates a program's stack, heap, shared libraries, and parts of its runtime control data structures inside the application memory address space. Making a program's memory layout different each time it runs foils the attacker's assumptions about the memory layout of the vulnerable program and makes the determination of critical address values difficult if not impossible. TRR is implemented by changing the Linux dynamic program loader, hence it is transparent to applications. We demonstrate that TRR is effective in defeating real security attacks, including malloc-based heap overflow, integer overflow, and double-free attacks, for which effective prevention mechanisms are yet to emerge. Furthermore, TRR incurs less than 9% program startup overhead and no runtime overhead.
AB - A large class of security attacks exploit software implementation vulnerabilities such as unchecked buffers. This paper proposes Transparent Runtime Randomization (TRR), a generalized approach for protecting against a wide range of security attacks. TRR dynamically and randomly relocates a program's stack, heap, shared libraries, and parts of its runtime control data structures inside the application memory address space. Making a program's memory layout different each time it runs foils the attacker's assumptions about the memory layout of the vulnerable program and makes the determination of critical address values difficult if not impossible. TRR is implemented by changing the Linux dynamic program loader, hence it is transparent to applications. We demonstrate that TRR is effective in defeating real security attacks, including malloc-based heap overflow, integer overflow, and double-free attacks, for which effective prevention mechanisms are yet to emerge. Furthermore, TRR incurs less than 9% program startup overhead and no runtime overhead.
UR - http://www.scopus.com/inward/record.url?scp=27644457078&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=27644457078&partnerID=8YFLogxK
U2 - 10.1109/RELDIS.2003.1238076
DO - 10.1109/RELDIS.2003.1238076
M3 - Conference contribution
AN - SCOPUS:27644457078
SN - 0769519555
T3 - Proceedings of the IEEE Symposium on Reliable Distributed Systems
SP - 260
EP - 269
BT - Proceedings - 22nd International Symposium on Reliable Distributed Systems, SRDS 2003
T2 - 22nd International Symposium on Reliable Distributed Systems, SRDS 2003
Y2 - 6 October 2003 through 8 October 2003
ER -