SPAM: Stateless Permutation of Application Memory
@article{Ziad2020SPAMSP, title={SPAM: Stateless Permutation of Application Memory}, author={Mohamed Tarek Ibn Ziad and Miguel A. Arroyo and Simha Sethumadhavan}, journal={ArXiv}, year={2020}, volume={abs/2007.13808} }
In this paper, we propose the Stateless Permutation of Application Memory (SPAM), a software defense that enables fine-grained data permutation for C programs. The key benefits include resilience against attacks that directly exploit software errors (i.e., spatial and temporal memory safety violations) in addition to attacks that exploit hardware vulnerabilities such as ColdBoot, RowHammer or hardware side-channels to disclose or corrupt memory using a single cohesive technique. Unlike prior…
References
STEROIDS for DOPed Applications: A Compiler for Automated Data-Oriented Programming
- Computer Science
- 2019 IEEE European Symposium on Security and Privacy (EuroS&P)
- 2019
Novel techniques to automate the process of generating DOP exploits are presented and a compiler called STEROIDS is implemented that leverages these techniques and compiles the authors' high-level language SLANG into low-level DOP data structures driving malicious computations at run time, enabling highly expressive attacks without conventional code-injection or code-reuse techniques in applications lacking a scripting engine.
Shuffler: Fast and Deployable Continuous Code Re-Randomization
- Computer Science
- OSDI
- 2016
A code-reuse defense, called Shuffler, which continuously re-randomizes code locations on the order of milliseconds, introducing a real-time deadline on the attacker, and defends against all known forms of code reuse, including ROP, direct JIT-ROP, indirect JITs, and Blind ROP.
Improved kernel security through memory layout randomization
- Computer Science
- 2013 IEEE 32nd International Performance Computing and Communications Conference (IPCCC)
- 2013
Two different ways to mutate an operating system kernel using memory layout randomization to resist kernel-based attacks are described and it is shown that by strategically selecting just a few components for randomization, the techniques prevent kernel rootkit infection.
Breaking the memory secrecy assumption
- Computer Science
- EUROSEC '09
- 2009
This paper identifies a new class of vulnerabilities -- buffer overreads -- that occur in practice and that can be exploited to read parts of the memory contents of a process running a vulnerable application.
Data Space Randomization
- Computer Science
- DIMVA
- 2008
This work explores a third form of randomization called data space randomization (DSR) that randomizes the representation of data stored in program memory and shows that with appropriate design choices, DSR can achieve a performance overhead in the range of 5% to 30% for a range of programs.
Smokestack: Thwarting DOP Attacks with Runtime Stack Layout Randomization
- Computer Science
- 2019 IEEE/ACM International Symposium on Code Generation and Optimization (CGO)
- 2019
This paper presents a stack-layout randomization scheme that can effectively thwart DOP attacks and utilizes true-random value sources combined with disclosure-resistant pseudo-random number generation to ensure that an adversary cannot anticipate a function's invocation permutation of automatic variables.
Data Randomization
- Computer Science, Mathematics
- 2008
A data randomization prototype is implemented that compiles programs without modifications and can prevent many attacks with low overhead, introducing an average runtime overhead of 11% and an average space overhead below 1%.
Practical Byte-Granular Memory Blacklisting using Califorms
- Computer Science
- MICRO
- 2019
A novel idea called Califorms is presented, and associated program observations, to obtain a low overhead security solution for practical, byte-granular memory safety, which reduces the performance overheads of memory safety to ~1.02x--1.16x while providing byte-granular protection and maintaining very low hardware overheads.
libmpk: Software Abstraction for Intel Memory Protection Keys
- Computer Science
- USENIX Annual Technical Conference
- 2019
Intel memory protection keys (MPK) is a new hardware feature to support thread-local permission control on groups of pages without requiring modification of page tables. Unfortunately, its current…
AddressSanitizer: A Fast Address Sanity Checker
- Computer Science
- USENIX Annual Technical Conference
- 2012
The paper presents AddressSanitizer, a new memory error detector that achieves efficiency without sacrificing comprehensiveness, and has found over 300 previously unknown bugs in the Chromium browser and many bugs in other software.