In recent years, the deployment of many application-level countermeasures against memory errors and the increasing number of vulnerabilities discovered in the kernel have fostered a renewed interest in kernel-level exploitation. Unfortunately, no comprehensive and well-established mechanism exists to protect the operating system from arbitrary attacks, due to the relatively new development of the area and the challenges involved. In this paper, we propose the first design for fine-grained address space randomization (ASR) inside the operating system (OS), providing an efficient and comprehensive countermeasure against classic and emerging attacks, such as return-oriented programming. To motivate our design, we investigate the differences with application-level ASR and find that some of the well-established assumptions in existing solutions are no longer valid inside the OS; above all, perhaps, that information leakage becomes a major concern in the new context. We show that our ASR strategy outperforms state-of-the-art solutions in terms of both performance and security without affecting the software distribution model. Finally, we present the first comprehensive live rerandomization strategy, which we found to be particularly important inside the OS. Experimental results demonstrate that our techniques yield low run-time performance overhead (less than 5% on average on both SPEC and syscall-intensive benchmarks) and limited run-time memory footprint increase (around 15% during the execution of our benchmarks). We believe our techniques can greatly enhance the level of OS security without compromising the performance and reliability of the OS.