ProbeGuard: Mitigating Probing Attacks Through Reactive Program Transformations

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

112 Downloads (Pure)

Abstract

Many modern defenses against code reuse rely on hiding sensitive data such as shadow stacks in a huge memory address space. While much more efficient than traditional integritybased defenses, these solutions are vulnerable to probing attacks which quickly locate the hidden data and compromise security. This has led researchers to question the value of information hiding in real-world software security. Instead, we argue that such a limitation is not fundamental and that information hiding and integrity-based defenses are two extremes of a continuous spectrum of solutions. We propose a solution, ProbeGuard, that automatically balances performance and security by deploying an existing information hiding based baseline defense and then incrementally moving to more powerful integrity-based defenses by hotpatching when probing attacks occur. ProbeGuard is efficient, provides strong security, and gracefully trades off performance upon encountering more probing primitives.

Original languageEnglish
Title of host publicationASPLOS '19 - Proceedings of the 24th International Conference on Architectural Support for Programming Languages and Operating Systems
PublisherAssociation for Computing Machinery
Pages545-558
Number of pages14
ISBN (Electronic)9781450362405
DOIs
Publication statusPublished - 4 Apr 2019
Event24th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2019 - Providence, United States
Duration: 13 Apr 201917 Apr 2019

Conference

Conference24th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2019
CountryUnited States
CityProvidence
Period13/04/1917/04/19

Keywords

  • code reuse
  • graceful performance degradation
  • hotpatching
  • information hiding
  • performancesecurity tradeoff
  • processor trace
  • program transformations
  • reactive defenses
  • security hardening
  • software bugs

Fingerprint Dive into the research topics of 'ProbeGuard: Mitigating Probing Attacks Through Reactive Program Transformations'. Together they form a unique fingerprint.

Cite this