Litcius/Paper detail

CoDaRR: Continuous Data Space Randomization against Data-Only Attacks

Prabhu Rajasekaran, Stephen Crane, David Gen�s, Yeoul Na, Stijn Volckaert, Michael Franz

202025 citationsDOIOpen Access PDF

Abstract

The widespread deployment of exploit mitigations such as CFI and shadow stacks are making code-reuse attacks increasingly difficult. This has forced adversaries to consider data-only attacks against which the venerable ASLR remains the primary deployed defense. Data-Space Randomization (DSR) techniques raise the bar against data-only attacks by making it harder for adversaries to inject malicious data flows into vulnerable applications. DSR works by masking memory load and store instructions. Masks are chosen (i) to not interfere with intended data flows and (ii) such that masking likely interferes with unintended flows introduced by malicious program inputs.

Topics & Concepts

Computer scienceExploitComputer securityMasking (illustration)Software deploymentReuseCode (set theory)Computer networkOperating systemProgramming languageEngineeringWaste managementSet (abstract data type)ArtVisual artsSecurity and Verification in ComputingAdvanced Malware Detection TechniquesPhysical Unclonable Functions (PUFs) and Hardware Security