On the General Applicability of Instruction-Set Randomization

Boyd, Stephen; Kc, Gaurav S.; Locasto, Michael E.; Keromytis, Angelos D.; Prevelakis, Vassilis

doi:10.1109/tdsc.2008.58

Cited by 54 publications

(43 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Higher-level instruction sets can also be randomized. For example, SQL injection attacks can be thwarted by adding random nonces to SQL commands [33] and Perl injection attacks can be thwarted by randomizing parts of the Perl language [4].…”

Section: Instruction Set Randomizationmentioning

confidence: 99%

Effectiveness of Moving Target Defenses

Evans

Nguyen-Tuong

Knight

2011

Advances in Information Security

104

View full text Add to dashboard Cite

Moving target defenses have been proposed as a way to make it much more difficult for an attacker to exploit a vulnerable system by changing aspects of that system to present attackers with a varying attack surface. The hope is that constructing a successful exploit requires analyzing properties of the system, and that in the time it takes an attacker to learn those properties and construct the exploit, the system will have changed enough by the time the attacker can launch the exploit to disrupt the exploit's functionality. This is a promising and appealing idea, but its security impact is not yet clearly understood. In this chapter, we argue that the actual benefits of the moving target approach are in fact often much less significant than one would expect. We present a model for thinking about dynamic diversity defenses, analyze the security properties of a few example defenses and attacks, and identify scenarios where moving target defenses are and are not effective.

show abstract

Section: Instruction Set Randomizationmentioning

confidence: 99%

Effectiveness of Moving Target Defenses

Evans

Nguyen-Tuong

Knight

2011

Advances in Information Security

104

View full text Add to dashboard Cite

show abstract

“…They propose a low-overhead implementation of ISR in hardware, and evaluate it using the Bochs x86 emu-lator. They also demonstrate the applicability of the approach on interpreted languages such as Perl, and later SQL [36]. Concurrently, Barrantes et al [18] proposed a similar randomization technique for binaries (RISE), which builds on the Valgrind x86 emulator.…”

Section: Related Workmentioning

confidence: 95%

Global ISR: Toward a Comprehensive Defense Against Unauthorized Code Execution

Portokalidis

Keromytis

2011

Advances in Information Security

Self Cite

View full text Add to dashboard Cite

Abstract. Instruction-set randomization (ISR) obfuscates the "language" understood by a system to protect against code-injection attacks by presenting an ever-changing target. ISR was originally motivated by code injection through buffer overflow vulnerabilities. However, Stuxnet demonstrated that attackers can exploit other vectors to place malicious binaries into a victim's filesystem and successfully launch them, bypassing most mechanisms proposed to counter buffer overflows. We propose the holistic adoption of ISR across the software stack, preventing the execution of unauthorized binaries and scripts regardless of their origin. Our approach requires that programs be randomized with different keys during a user-controlled installation, effectively combining the benefits of code whitelisting/signing and runtime program integrity. We discuss how an ISR-enabled environment for binaries can be implemented with little overhead in hardware, and show that higher-overhead softwareonly alternatives are possible. We use Perl and SQL to demonstrate the application of ISR in scripting environments with negligible overhead.

show abstract

“…They propose a low-overhead implementation of ISR in hardware, and evaluate it using the Bochs x86 emulator. They also demonstrate the applicability of the approach on interpreted languages such as Perl, and later SQL [9]. Concurrently, Barrantes et al [4] proposed a similar randomization technique for binaries (RISE), which builds on the Valgrind x86 emulator.…”

Section: Related Workmentioning

confidence: 95%

Fast and practical instruction-set randomization for commodity systems

Portokalidis

Keromytis

2010

Proceedings of the 26th Annual Computer Security Applications Conference

Self Cite

View full text Add to dashboard Cite

Instruction-set randomization (ISR) is a technique based on randomizing the "language" understood by a system to protect it from code-injection attacks. Such attacks were used by many computer worms in the past, but still pose a threat as it was confirmed by the recent Conficker worm outbreak, and the latest exploits targeting some of Adobe's most popular products. This paper presents a fast and practical implementation of ISR that can be applied on currently deployed software. Our solution builds on a binary instrumentation tool to provide an ISR-enabled execution environment entirely in software. Applications are randomized using a simple XOR function and a 16-bit key that is randomly generated every time an application is launched. Shared libraries can be also randomized using separate keys, and their randomized versions can be used by all applications running under ISR. Moreover, we introduce a key management system to keep track of the keys used in the system. To the best of our knowledge we are the first to apply ISR on truly shared libraries.Finally, we evaluate our implementation using real applications including the Apache web server, and the MySQL database server. For the first, we show that our implementation has negligible overhead (less than 1%) for static HTML loads, while the overhead when running MySQL can be as low as 75%. We see that our system can be used with little cost with I/O intensive network applications, while it can also be a good candidate for deployment with CPU intensive applications, in scenarios where security outweighs performance.

show abstract

On the General Applicability of Instruction-Set Randomization

Cited by 54 publications

References 26 publications

Effectiveness of Moving Target Defenses

Effectiveness of Moving Target Defenses

Global ISR: Toward a Comprehensive Defense Against Unauthorized Code Execution

Fast and practical instruction-set randomization for commodity systems

Contact Info

Product

Resources

About