Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Vikram Reddy Enukonda.

Slides:

Advertisements

Similar presentations

Defenses. Preventing hijacking attacks 1. Fix bugs: – Audit software Automated tools: Coverity, Prefast/Prefix. – Rewrite software in a type safe languange.

Advertisements

Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.

InkTag: Secure Applications on an Untrusted Operating system

CS 153 Design of Operating Systems Spring 2015 Lecture 19: Page Replacement and Memory War.

Threads 1 CS502 Spring 2006 Threads CS-502 Spring 2006.

Run-Time Storage Organization

© 2004, D. J. Foreman 1 CS350 Operating Systems. © 2004, D. J. Foreman 2 Administrivia  Assignments ■ Homework on most chapters ■ Approximately 8 lab.

Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.

1 Chapter 4 Threads Threads: Resource ownership and execution.

Threads. Processes and Threads  Two characteristics of “processes” as considered so far: Unit of resource allocation Unit of dispatch  Characteristics.

CS 3013 & CS 502 Summer 2006 Threads1 CS-3013 & CS-502 Summer 2006.

1 RISE: Randomization Techniques for Software Security Dawn Song CMU Joint work with Monica Chew (UC Berkeley)

Virtualization for Cloud Computing

Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.

Vulnerability-Specific Execution Filtering (VSEF) for Exploit Prevention on Commodity Software Authors: James Newsome, James Newsome, David Brumley, David.

Address Space Layout Permutation

Secure Virtual Architecture John Criswell, Arushi Aggarwal, Andrew Lenharth, Dinakar Dhurjati, and Vikram Adve University of Illinois at Urbana-Champaign.

Protection and the Kernel: Mode, Space, and Context.

Silberschatz, Galvin and Gagne ©2009Operating System Concepts – 8 th Edition Chapter 4: Threads.

CS533 Concepts of Operating Systems Jonathan Walpole.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.

Information Assurance Research Group 1 NSA Security-Enhanced Linux (SELinux) Grant M. Wagner Information Assurance.

KGuard: Lightweight Kernel Protection against Return-to-User Attacks Authors: Vasileios P. Kemerlis Georgios Portokalidis Angelos D. Keromytis Presenter:

Automatic Diagnosis and Response to Memory Corruption Vulnerabilities Authors: Jun Xu, Peng Ning, Chongkyung Kil, Yan Zhai, Chris Bookholt In ACM CCS’05.

Chapter 2: Operating-System Structures. 2.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 2: Operating-System Structures Operating.

Introduction: Exploiting Linux. Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend,

Buffer Overflow Detection Stuart Pickard CSCI 297 June 14, 2005.

Vasileios P. Kemerlis, Georgios Portokalidis, Angelos D. Keromytis Network Security Lab, Department of Computer Science, Columbia University, USA 21 st.

Mitigation of Buffer Overflow Attacks

{ Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida, Anton Kuijsten & Andrew S.Tanenbaum.

Copyright © George Coulouris, Jean Dollimore, Tim Kindberg This material is made available for private study and for direct.

Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum.

OPERATING SYSTEM SUPPORT DISTRIBUTED SYSTEMS CHAPTER 6 Lawrence Heyman July 8, 2002.

Buffer Overflow Attack-proofing by Transforming Code Binary Gopal Gupta Parag Doshi, R. Reghuramalingam The University of Texas at Dallas 11/15/2004.

Buffer Overflow Attack Proofing of Code Binary Gopal Gupta, Parag Doshi, R. Reghuramalingam, Doug Harris The University of Texas at Dallas.

Highly Scalable Distributed Dataflow Analysis Joseph L. Greathouse Advanced Computer Architecture Laboratory University of Michigan Chelsea LeBlancTodd.

Improving Xen Security through Disaggregation Derek MurrayGrzegorz MilosSteven Hand.

A Tool for Pro-active Defense Against the Buffer Overrun Attack D. Bruschi, E. Rosti, R. Banfi Presented By: Warshavsky Alex.

The Role of Virtualization in Exascale Production Systems Jack Lange Assistant Professor University of Pittsburgh.

Operating Systems Security

Shellcode Development -Femi Oloyede -Pallavi Murudkar.

Wireless and Mobile Security

Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code Jeff Seibert, Hamed Okhravi, and Eric Söderström Presented.

On the Effectiveness of Address-Space Randomization Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, Dan Boneh.

VMM Based Rootkit Detection on Android

Security Architecture and Design Chapter 4 Part 2 Pages 319 to 357.

Operating Systems Unit 2: – Process Context switch Interrupt Interprocess communication – Thread Thread models Operating Systems.

Chapter 2 Introduction to OS Chien-Chung Shen CIS/UD

CS533 Concepts of Operating Systems Jonathan Walpole.

VM: Chapter 7 Buffer Overflows. csci5233 computer security & integrity (VM: Ch. 7) 2 Outline Impact of buffer overflows What is a buffer overflow? Types.

1 Threads, SMP, and Microkernels Chapter 4. 2 Process Resource ownership - process includes a virtual address space to hold the process image Scheduling/execution-

Aaron Corso COSC Spring What is LAMP?  A ‘solution stack’, or package of an OS and software consisting of:  Linux  Apache  MySQL  PHP.

1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.

@Yuan Xue Worm Attack Yuan Xue Fall 2012.

Embedded Real-Time Systems

Mitigation against Buffer Overflow Attacks

Providing Security for Embedded Devices Through Virtualization

Secure Software Development: Theory and Practice

Process Realization In OS

CGS 3763 Operating Systems Concepts Spring 2013

Shielding applications from an untrusted cloud with Haven

NSA Security-Enhanced Linux (SELinux)

Run-time environments

2019 2학기 고급운영체제론 ZebRAM: Comprehensive and Compatible Software Protection Against Rowhammer Attacks 3 # 단국대학교 컴퓨터학과 # 남혜민 # 발표자.

Presentation transcript:

Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Vikram Reddy Enukonda

Outline Kernel-level Exploitation Existing Countermeasures Address Space Randomization Challenges in OS-Level ASR Design for OS-Level ASR OS-Architecture ASR Transformation ASR Performance

Kernel-level Exploitation Kernel-level exploitation is increasingly gaining momentum. Many exploits available for Windows, Linux, BSD, Mac OS X, iOS. Plenty of memory error vulnerabilities to choose from. Plethora of internet-connected users running the same kernel version. Many attack opportunities for both local and remote exploits.

Existing Countermeasures Preserving kernel code integrity. Kernel hook protection. Control-flow integrity. Comprehensive memory error protection. Virtualization support required, high overhead.

Address Space Randomization Well-established defense mechanism against memory error exploits. Application-level support in all the major operating systems. The operating system itself typically not randomized at all. Only recent Windows releases perform basic text randomization. Goal: Fine-grained ASR for operating systems.

Challenges in OS-level ASR Instrumentation. Run-time constraints. Attack model. Information leakage. Brute forcing.

A Design for OS-level ASR Make both location and layout of memory objects unpredictable. LLVM-based link-time transformations for safe and efficient ASR. Minimal amount of untrusted code exposed to the runtime. Live re-randomization to maximize unobservability of the system. No changes in the software distribution model.

The OS Architecture

ASR Transformations Code Randomization Static Data Randomization Stack Randomization Dynamic Data Randomization

Live Re-randomization First stateful live re-randomization technique. Periodically re-randomize the memory address space layout. Support arbitrary memory layout changes at re- randomization time. Support all the standard C idioms with minimal manual effort. Sandbox the re-randomization code to recover from run-time errors.

ASRR Metadata Types Global variables Static variables String constants Functions Dynamic memory allocations

Re-randomization Process

ASR Performance

ASRR Performance

Summary A new fine-grained ASR technique for operating systems. Better performance and security than prior ASR solutions. Live re-randomization and ILR to counter information leakage. No heavyweight instrumentation exposed to the runtime. Process-based isolation to recover from run-time ASRR errors.

References ing.pptx ing.pptx enhanced-operating-system.html enhanced-operating-system.html &hl=en&user=2QmtNQsAAAAJ&citation_for_view=2Qmt NQsAAAAJ:zYLM7Y9cAGgC &hl=en&user=2QmtNQsAAAAJ&citation_for_view=2Qmt NQsAAAAJ:zYLM7Y9cAGgC

Thank You ………………………………………………………………………………………………………………..