{"title":"Diversified Process Replicæ for Defeating Memory Error Exploits","authors":"D. Bruschi, L. Cavallaro, A. Lanzi","doi":"10.1109/PCCC.2007.358924","DOIUrl":null,"url":null,"abstract":"An interpretation of the notion of software diversity is based on the concept of diversified process replicæ. We define pr as the replica of a process p which behaves identically to p but has some \"structural\" diversity from it. This makes possible to detect memory corruption attacks in a deterministic way. In our solution, p and pr differ in their address space which is properly diversified, thus defeating absolute and partial overwriting memory error exploits. We also give a characterization and a preliminary solution for shared memory management, one of the biggest practical issue introduced by this approach. Speculation on how to deal with synchronous signals delivery is faced as well. A user space proof-of-concept prototype has been implemented. Experimental results show a 68.93% throughput slowdown on a worst-case, while experiencing only a 1.20% slowdown on a best-case.","PeriodicalId":356565,"journal":{"name":"2007 IEEE International Performance, Computing, and Communications Conference","volume":"428 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"62","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 IEEE International Performance, Computing, and Communications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PCCC.2007.358924","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 62
Abstract
An interpretation of the notion of software diversity is based on the concept of diversified process replicæ. We define pr as the replica of a process p which behaves identically to p but has some "structural" diversity from it. This makes possible to detect memory corruption attacks in a deterministic way. In our solution, p and pr differ in their address space which is properly diversified, thus defeating absolute and partial overwriting memory error exploits. We also give a characterization and a preliminary solution for shared memory management, one of the biggest practical issue introduced by this approach. Speculation on how to deal with synchronous signals delivery is faced as well. A user space proof-of-concept prototype has been implemented. Experimental results show a 68.93% throughput slowdown on a worst-case, while experiencing only a 1.20% slowdown on a best-case.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
