Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Vikram Reddy Enukonda.


1 Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Vikram Reddy Enukonda

2 Outline: Kernel-level Exploitation; Existing Countermeasures; Address Space Randomization; Challenges in OS-Level ASR; Design for OS-Level ASR; OS-Architecture; ASR Transformation; ASR Performance

3 Kernel-level Exploitation: Kernel-level exploitation is increasingly gaining momentum. Many exploits available for Windows, Linux, BSD, Mac OS X, iOS. Plenty of memory error vulnerabilities to choose from. Plethora of internet-connected users running the same kernel version. Many attack opportunities for both local and remote exploits.

4 Existing Countermeasures: Preserving kernel code integrity. Kernel hook protection. Control-flow integrity. Comprehensive memory error protection. Virtualization support required, high overhead.

5 Address Space Randomization: Well-established defense mechanism against memory error exploits. Application-level support in all the major operating systems. The operating system itself typically not randomized at all. Only recent Windows releases perform basic text randomization. Goal: Fine-grained ASR for operating systems.

6 Challenges in OS-level ASR: Instrumentation. Run-time constraints. Attack model. Information leakage. Brute forcing.

7 A Design for OS-level ASR: Make both location and layout of memory objects unpredictable. LLVM-based link-time transformations for safe and efficient ASR. Minimal amount of untrusted code exposed to the runtime. Live re-randomization to maximize unobservability of the system. No changes in the software distribution model.

8 The OS Architecture

9 ASR Transformations: Code Randomization; Static Data Randomization; Stack Randomization; Dynamic Data Randomization

10 Live Re-randomization: First stateful live re-randomization technique. Periodically re-randomize the memory address space layout. Support arbitrary memory layout changes at re-randomization time. Support all the standard C idioms with minimal manual effort. Sandbox the re-randomization code to recover from run-time errors.

11 ASRR Metadata Types: Global variables; Static variables; String constants; Functions; Dynamic memory allocations

12 Re-randomization Process
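
Slides 10 and 11 name the ingredients of stateful live re-randomization (periodic layout changes, per-object metadata) without showing how they combine. The user-space C sketch below is an added illustration, not code from the presentation or the system it describes: it moves tracked objects to random slots of a fresh arena and uses metadata to rewrite the pointers between them. `struct meta`, `translate`, `rerandomize`, the slot arena and the one-pointer-field-per-object limit are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define SLOT 64                       /* constructed: each object fits one slot */
struct meta {                         /* hypothetical per-object metadata */
    void  *addr;                      /* where the object lives right now */
    size_t size;                      /* its size in bytes */
    size_t ptr_off;                   /* offset of its single pointer field */
};
struct node { int value; struct node *next; };
/* Map a pointer into the old layout onto the same byte in the new layout. */
static void *translate(const struct meta *m, char *const *fresh, int n, void *old)
{
    uintptr_t p = (uintptr_t)old;
    for (int i = 0; i < n; i++) {
        uintptr_t base = (uintptr_t)m[i].addr;
        if (p >= base && p < base + m[i].size)
            return fresh[i] + (p - base);
    }
    return old;                       /* NULL or untracked: left unchanged */
}

/* Copy every tracked object to a random free slot of a new arena, rewrite the
 * pointer fields, retire the old arena. On failure the old layout is untouched. */
char *rerandomize(struct meta *m, int n, char *old_arena, unsigned seed)
{
    int slots = 4 * n;
    char *arena = malloc((size_t)slots * SLOT), *used = calloc((size_t)slots, 1);
    char **fresh = malloc((size_t)n * sizeof *fresh);
    if (!arena || !used || !fresh) { free(arena); free(used); free(fresh); return NULL; }
    srand(seed);                      /* demo only; a real system needs a CSPRNG */
    for (int i = 0; i < n; i++) {
        int s;
        do { s = rand() % slots; } while (used[s]);
        used[s] = 1;
        fresh[i] = arena + (size_t)s * SLOT;
        memcpy(fresh[i], m[i].addr, m[i].size);
    }
    for (int i = 0; i < n; i++) {     /* pointer fix-up pass */
        void *p;
        memcpy(&p, fresh[i] + m[i].ptr_off, sizeof p);
        p = translate(m, fresh, n, p);
        memcpy(fresh[i] + m[i].ptr_off, &p, sizeof p);
    }
    for (int i = 0; i < n; i++) m[i].addr = fresh[i];
    free(used); free(fresh); free(old_arena);
    return arena;
}
```

Any pointer that the metadata does not describe keeps its old value and dangles after the move, which is why the completeness of the metadata decides whether a layout change is safe.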

13 ASR Performance

14 ASRR Performance

15 Summary: A new fine-grained ASR technique for operating systems. Better performance and security than prior ASR solutions. Live re-randomization and ILR to counter information leakage. No heavyweight instrumentation exposed to the runtime. Process-based isolation to recover from run-time ASRR errors.

17 Thank You

