CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Code diversification is an effective strategy to prevent modern code-reuse exploits. Unfortunately, diversification techniques are inherently vulnerable to information disclosure. Recent diversification-aware ROP exploits have demonstrated that code disclosure attacks are a realistic threat, with an attacker able to read or execute arbitrary code memory and gather enough gadgets to bypass state-of-the-art code diversification defenses. In this paper, we present CodeArmor, a binary-level system to harden code diversification against all the existing read-based and execution-based code disclosure attacks. To counter such attacks, CodeArmor virtualizes the code space to completely decouple code pointer values from the concrete location of their targets in the memory address space. Using a combination of run-time randomization and pervasively deployed honey gadgets, code space virtualization probabilistically ensures that only code references that can legitimately be issued by the program are effectively translated to the concrete code space. This strategy significantly reduces the attack surface, limiting the attacker to only code pointer gadgets that can be leaked from data memory. In addition, unlike existing leakage-resistant code diversification techniques that provide similar security guarantees, CodeArmor requires no access to source code, hypervisors, or special hardware support. Our experimental results show that CodeArmor significantly raises the bar against existing and future attacks, at the cost of relatively low average performance overhead (6.9% on SPEC and 14.5% on popular server programs, and even lower - roughly halving such average overheads - when operating aggressive inlining optimizations at the binary level).

Original languageEnglish
Title of host publicationProceedings - 2nd IEEE European Symposium on Security and Privacy, EuroS and P 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages514-529
Number of pages16
ISBN (Electronic)9781509057610
DOIs
Publication statusPublished - 28 Jun 2017
Event2nd IEEE European Symposium on Security and Privacy, EuroS and P 2017 - Paris, France
Duration: 26 Apr 201728 Apr 2017

Conference

Conference2nd IEEE European Symposium on Security and Privacy, EuroS and P 2017
CountryFrance
CityParis
Period26/04/1728/04/17

Keywords

  • code space virtualization
  • honey gadgets
  • randomization
  • rerandomization

Fingerprint

Dive into the research topics of 'CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks'. Together they form a unique fingerprint.

Cite this