Proceedings of the 10th ACM Conference on Computer and Communications Security 2003
DOI: 10.1145/948109.948147

Randomized instruction set emulation to disrupt binary code injection attacks

Abstract: Many remote attacks against computer systems inject binary code into the execution path of a running program, gaining control of the program's behavior. If each defended system or program could use a machine instruction set that was both unique and private, such binary code injection attacks would become extremely difficult if not impossible. A binary-to-binary translator provides an economic and flexible implementation path for realizing that idea. As a proof of concept, we describe a randomized instruction s…

Cited by 264 publications
(148 citation statements)
References 7 publications
“…They also demonstrate the applicability of the approach on interpreted languages such as Perl, and later SQL [36]. Concurrently, Barrantes et al [18] proposed a similar randomization technique for binaries (RISE), which builds on the Valgrind x86 emulator. RISE provides limited support for shared libraries by creating randomized copies of the libraries for each process.…”
Section: Related Work (mentioning)
confidence: 96%
“…This capability implies that attackers know what "type" of code (e.g., x86) is understood by the system. This observation led us [17] (and concurrently others [18,19]) to introduce a general approach for preventing code-injection attacks, instruction-set randomization (ISR). Inspired by biology where genetic variation protects organisms from environmental threats, ISR proposes the randomization of the underlying system's instructions, so that "foreign" code introduced within a running process by an attack would fail to execute correctly, regardless of the injection approach.…”
Section: Introduction (mentioning)
confidence: 99%
“…Memory layout randomizers [34,6,36,8] randomize the layout of memory: by loading the stack and heap at random addresses and by placing random gaps between objects. Instruction set randomizers [5,17] encrypt the instructions while in memory and will decrypt them before execution. While our approach is also probabilistic, it is aimed at protecting locations from non-control-data attacks, while most of the above approaches are aimed at protecting either control data or preventing the attacker from injecting code, neither of which are useful for non-control data attacks.…”
Section: Probabilistic Countermeasures (mentioning)
confidence: 99%
“…The second layer of defense is to prevent malicious code from being executed. Prevention methods include instruction set randomization [34,35], non-executable stack and heap pages [8,10], process image randomization [10,13], and stack integrity guarding [4,11]. The third layer of defense attempts to prevent the executing attack code from doing further harm through the system interface.…”
Section: Related Work (mentioning)
confidence: 99%
“…The third layer of defense attempts to prevent the executing attack code from doing further harm through the system interface. Existing work at this stage includes anomaly detection [5,6,12,24,25,27], process randomization [2,10,13,28,36], and instruction set randomization [34,35].…”
Section: Related Work (mentioning)
confidence: 99%