Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum.

Similar presentations


Presentation on theme: "Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum."— Presentation transcript:

1 Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum Usenix Security 2012

2 Introduction Kernel-level Exploitation Existing Countermeasures Preserving kernel code integrity [SecVisor, NICKLE, hvmHarvard]. Kernel hook protection [HookSafe, HookScout, Indexed hooks]. Control-ow integrity [SBCFI]. No comprehensive memory error protection. Virtualization support required, high overhead.

3 Address Space Randomization Well-established defense mechanism against memory error exploits. Application-level support in all the major operating systems. The operating system itself typically not randomized at all. Only recent Windows releases perform basic text randomization. Goal: Fine-grained ASR for operating systems

4 Challenges Instrumentation Lightweight Information leakage Fine-grain and rerandomization Brute force Crash kernel

5 A Design for OS-level ASR Make both location and layout of memory objects unpredictable. LLVM-based link-time transformations for safe and effcient ASR. Minimal amount of untrusted code exposed to the runtime. Live rerandomization to maximize unobservability of the system. No changes in the software distribution model.

6 Discussion Not tested on real kernel exploit, to provide evaluation on the performance How to check the interval of rerandomization Hard to do, need threat model and per-component based testing Good for tuning for unpatched kernel

7 Discussion Rerandomization failure Make sure this rerandomization process can start Corrupt state can affect the migration Time out and abort Multicore Synchronize the states, per-components replica Future work

8 Discussion Rerandomization can be improved Need to care about the randomization, as the entropy. Randomization pool can be used up. More questions?

9 Discussion Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization Kevin Z. Snow et al. 2013 IEEE Symposium on Security and Privacy Evaluation


Download ppt "Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum."

Similar presentations


Ads by Google