Presentation | 2012-07-19 Detecting Invalid Control Flow with Pseudo-Dispersion of Program Code Eitaro SHIOJI, Yuhei KAWAKOYA, Makoto IWAMURA, Takeo HARIU |
---|---|
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Attacks that modify the control flow of a running program by corrupting memory address pointers have been a major threat for many years. The majority of existing countermeasures were not successful at being widely adopted, possibly due to their strict restrictions on targeted software, such as requiring recompilation from source code, or causing integrity problems due to program modification. In this paper, we propose a novel defensive scheme based on the idea of embedding the checksum value of a memory address in the address itself. It hinders designation of an address used in code-reuse attacks by giving the attacker an illusion of program code being shredded into pieces at byte granularity and dispersed randomly over memory space. We present and discuss the design and implementation issues of an attack detection system based on this scheme. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | code-reuse attack / control-flow hijacking / address space layout randomization / software diversification |
Paper # | ISEC2012-24,SITE2012-20,ICSS2012-26,EMM2012-16 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2012/7/12 (1 day) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Detecting Invalid Control Flow with Pseudo-Dispersion of Program Code |
Sub Title (in English) | |
Keyword(1) | code-reuse attack |
Keyword(2) | control-flow hijacking |
Keyword(3) | address space layout randomization |
Keyword(4) | software diversification |
1st Author's Name | Eitaro SHIOJI |
1st Author's Affiliation | NTT Secure Platform Laboratories, NTT Corporation |
2nd Author's Name | Yuhei KAWAKOYA |
2nd Author's Affiliation | NTT Secure Platform Laboratories, NTT Corporation |
3rd Author's Name | Makoto IWAMURA |
3rd Author's Affiliation | NTT Secure Platform Laboratories, NTT Corporation |
4th Author's Name | Takeo HARIU |
4th Author's Affiliation | NTT Secure Platform Laboratories, NTT Corporation |
Date | 2012-07-19 |
Paper # | ISEC2012-24,SITE2012-20,ICSS2012-26,EMM2012-16 |
Volume (vol) | vol.112 |
Number (no) | 126 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |