Stephen Crane scite author profile

Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software. Designing practical and effective defenses against code-reuse attacks is highly challenging. One line of defense builds upon fine-grained code diversification to prevent the adversary from constructing a reliable code-reuse attack. However, all solutions proposed so far are either vulnerable to memory disclosure or are impractical for deployment on commodity systems.In this paper, we address the deficiencies of existing solutions and present the first practical, fine-grained code randomization defense, called Readactor, resilient to both static and dynamic ROP attacks. We distinguish between direct memory disclosure, where the attacker reads code pages, and indirect memory disclosure, where attackers use code pointers on data pages to infer the code layout without reading code pages. Unlike previous work, Readactor resists both types of memory disclosure. Moreover, our technique protects both statically and dynamically generated code. We use a new compiler-based code generation paradigm that uses hardware features provided by modern CPUs to enable execute-only memory and hide code pointers from leakage to the adversary. Finally, our extensive evaluation shows that our approach is practical-we protect the entire Google Chromium browser and its V8 JIT compiler-and efficient with an average SPEC CPU2006 performance overhead of only 6.4%. IEEE Symposium on Security and Privacy

show abstract

Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity

Crane¹,

Homescu²,

Brunthaler

et al. 2015

127

View full text Add to dashboard Cite

We explore software diversity as a defense against side-channel attacks by dynamically and systematically randomizing the control flow of programs. Existing software diversity techniques transform each program trace identically. Our diversity based technique instead transforms programs to make each program trace unique. This approach offers probabilistic protection against both online and off-line side-channel attacks.

show abstract

Perceived Role Conflict, Role Ambiguity, and Burnout Among Special Education Teachers

Crane

Iwanicki

1986

Remedial and Special Education

View full text Add to dashboard Cite

This study examined the relationship of mle conflict and role ambiguity to teacher burnout among Connecticut urban special education teachers (N = 443) afier contmlling for select personal and professional backgrouvd variables. The relationship of these background variabkj to teacher burnout was also examined Role conjict and ambiguity explained a signifcant amount of variance in feelings of emotional exhaustion and depersonalization. Whde perceived burnout among teachers was molrate, the level varied significantly with respect to age, experience, sex, and whether one taught in a resource mom or a self-contained classmom.

show abstract

Leakage-Resilient Layout Randomization for Mobile Devices

Braden¹,

Crane

Davi

et al. 2016

View full text Add to dashboard Cite

Abstract-Attack techniques based on code reuse continue to enable real-world exploits bypassing all current mitigations. Code randomization defenses greatly improve resilience against code reuse. Unfortunately, sophisticated modern attacks such as JIT-ROP can circumvent randomization by discovering the actual code layout on the target and relocating the attack payload on the fly. Hence, effective code randomization additionally requires that the code layout cannot be leaked to adversaries.Previous approaches to leakage-resilient diversity have either relied on hardware features that are not available in all processors, particularly resource-limited processors commonly found in mobile devices, or they have had high memory overheads. We introduce a code randomization technique that avoids these limitations and scales down to mobile and embedded devices: Leakage-Resilient Layout Randomization (LR 2 ).Whereas previous solutions have relied on virtualization, x86 segmentation, or virtual memory support, LR 2 merely requires the underlying processor to enforce a W⊕X policy-a feature that is virtually ubiquitous in modern processors, including mobile and embedded variants. Our evaluation shows that LR 2 provides the same security as existing virtualization-based solutions while avoiding design decisions that would prevent deployment on less capable yet equally vulnerable systems. Although we enforce execute-only permissions in software, LR 2 is as efficient as the best-in-class virtualization-based solution. I. MOTIVATIONThe recent "Stagefright" vulnerability exposed an estimated 950 million Android systems to remote exploitation [21]. Similarly, the "One Class to Rule them All" [40] zero-day vulnerability affected 55% of all Android devices. These are just the most recent incidents in a long series of vulnerabilities that enable attackers to mount code-reuse attacks [37,43] against mobile devices. Moreover, because these devices run scripting capable web browsers, they are also exposed to sophisticated code-reuse attacks that can bypass ASLR and even finegrained code randomization by exploiting information-leakage vulnerabilities [11,20,48,50]. Just-in-time attacks (JIT-ROP) [50] are particularly challenging because they misuse run-time scripting to analyze the target memory layout after randomization and relocate a return-oriented programming (ROP) payload accordingly.There are several alternatives to code randomization aimed to defend against code-reuse attacks, including control-flow integrity (CFI) [1] and code-pointer integrity (CPI) [28]. However, these defenses come with their own set of challenges and tend to have high worst-case performance overheads. We focus on code randomization techniques since they are known to be efficient [18,25] and scalable to complex, real-world applications such as web browsers, language runtimes, and operating system kernels without the need to perform elaborate static program analysis during compilation.Recent code randomization defenses offer varying degrees of resilience to JIT...

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Stephen Crane

Readactor: Practical Code Randomization Resilient to Memory Disclosure

Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity

Perceived Role Conflict, Role Ambiguity, and Burnout Among Special Education Teachers

Leakage-Resilient Layout Randomization for Mobile Devices

Contact Info

Product

Resources

About