Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum.

Published byOliver Powers Modified over 9 years ago

Similar presentations

Presentation on theme: "Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum."— Presentation transcript:

1 Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum Usenix Security 2012

2 Introduction Kernel-level Exploitation Existing Countermeasures Preserving kernel code integrity [SecVisor, NICKLE, hvmHarvard]. Kernel hook protection [HookSafe, HookScout, Indexed hooks]. Control-ow integrity [SBCFI]. No comprehensive memory error protection. Virtualization support required, high overhead.

3 Address Space Randomization Well-established defense mechanism against memory error exploits. Application-level support in all the major operating systems. The operating system itself typically not randomized at all. Only recent Windows releases perform basic text randomization. Goal: Fine-grained ASR for operating systems

4 Challenges Instrumentation Lightweight Information leakage Fine-grain and rerandomization Brute force Crash kernel

5 A Design for OS-level ASR Make both location and layout of memory objects unpredictable. LLVM-based link-time transformations for safe and effcient ASR. Minimal amount of untrusted code exposed to the runtime. Live rerandomization to maximize unobservability of the system. No changes in the software distribution model.

6 Discussion Not tested on real kernel exploit, to provide evaluation on the performance How to check the interval of rerandomization Hard to do, need threat model and per-component based testing Good for tuning for unpatched kernel

7 Discussion Rerandomization failure Make sure this rerandomization process can start Corrupt state can affect the migration Time out and abort Multicore Synchronize the states, per-components replica Future work

8 Discussion Rerandomization can be improved Need to care about the randomization, as the entropy. Randomization pool can be used up. More questions?

9 Discussion Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization Kevin Z. Snow et al. 2013 IEEE Symposium on Security and Privacy Evaluation

Download ppt "Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida Anton Kuijsten Andrew S. Tanenbaum."

Similar presentations

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.
Secure Operating Systems Lesson 2: OS Fundamentals.

Secure Operating Systems Lesson 2: OS Fundamentals.
Paruj Ratanaworabhan, Cornell University Benjamin Livshits, Microsoft Research Benjamin Zorn, Microsoft Research USENIX Security Symposium 2009 A Presentation.

Paruj Ratanaworabhan, Cornell University Benjamin Livshits, Microsoft Research Benjamin Zorn, Microsoft Research USENIX Security Symposium 2009 A Presentation.
Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,

Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.

Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS1: Overview of Operating Systems 1.1. Windows.

Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS1: Overview of Operating Systems 1.1. Windows.
Moving Target Defense in Cyber Security

Moving Target Defense in Cyber Security
DIEHARDER: SECURING THE HEAP. Previously in DieHard…  Increase Reliability by random positioning of data  Replicated Execution detects invalid memory.

DIEHARDER: SECURING THE HEAP. Previously in DieHard…  Increase Reliability by random positioning of data  Replicated Execution detects invalid memory.
Bug Isolation via Remote Program Sampling Ben Liblit, Alex Aiken, Alice X.Zheng, Michael I.Jordan Presented by: Xia Cheng.

Bug Isolation via Remote Program Sampling Ben Liblit, Alex Aiken, Alice X.Zheng, Michael I.Jordan Presented by: Xia Cheng.
An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.

An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.
© 2004, D. J. Foreman 1 CS350 Operating Systems. © 2004, D. J. Foreman 2 Administrivia  Assignments ■ Homework on most chapters ■ Approximately 8 lab.

© 2004, D. J. Foreman 1 CS350 Operating Systems. © 2004, D. J. Foreman 2 Administrivia  Assignments ■ Homework on most chapters ■ Approximately 8 lab.
Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.

Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.
Remus: High Availability via Asynchronous Virtual Machine Replication.

Remus: High Availability via Asynchronous Virtual Machine Replication.
Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.

Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.
Case Study: The E1 Distributed Operating System Chris Krentz 3/20/2007.

Case Study: The E1 Distributed Operating System Chris Krentz 3/20/2007.
@ NCSU Zhi NCSU Xuxian Microsoft Research Weidong Microsoft NCSU Peng NCSU ACM CCS’09.

@ NCSU Zhi NCSU Xuxian Microsoft Research Weidong Microsoft NCSU Peng NCSU ACM CCS’09.
1 RISE: Randomization Techniques for Software Security Dawn Song CMU Joint work with Monica Chew (UC Berkeley)

1 RISE: Randomization Techniques for Software Security Dawn Song CMU Joint work with Monica Chew (UC Berkeley)
Jiang Wang, Joint work with Angelos Stavrou and Anup Ghosh CSIS, George Mason University HyperCheck: a Hardware Assisted Integrity Monitor.

Jiang Wang, Joint work with Angelos Stavrou and Anup Ghosh CSIS, George Mason University HyperCheck: a Hardware Assisted Integrity Monitor.
Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.

Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.
Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?

Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?

Similar presentations

Ads by Google