On the challenges of effective movement

Proceedings of the ACM Conference on Computer and Communications Security

Volumn 2014-November, Issue November, 2014, Pages 41-50

  Hobson, Thomas ^a   Okhravi, Hamed ^a   Bigelow, David ^a   Rudd, Robert ^a   Streilein, William ^a  

^a MIT LINCOLN LABORATORY   (United States)

Author keywords

Cybersecurity challenges; Diversity; Metrics; Moving target; Randomization

Indexed keywords

DATA PRIVACY; SECURITY OF DATA;

CYBER SECURITY; DIVERSITY; METRICS; MOVING TARGETS; RANDOMIZATION;

NETWORK SECURITY;

EID: 84937705020     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2663474.2663480     Document Type: Conference Paper

References (30)

1. P. Barford and V. Yegneswaran. An inside look at botnets. In M. Christodorescu, S. Jha, D. Maughan, D. Song, and C. Wang, editors, Malware Detection, volume 27 of Advances in Information Security, pages 171-191. Springer US, 2007.
2. E. G. Barrantes, D. H. Ackley, T. S. Palmer, D. Stefanovic, and D. D. Zovi. Randomized instruction set emulation to disrupt binary code injection attacks. In Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS '03, pages 281-289, New York, NY, USA, 2003. ACM.
3. A. Bittau, A. Belay, A. Mashtizadeh, D. Mazieres, and D. Boneh. Hacking blind. In Proceedings of the 35th IEEE Symposium on Security and Privacy, 2014.
4. S. Checkoway, L. Davi, A. Dmitrienko, A. Sadeghi, H. Shacham, and M. Winandy. Return-oriented programming without returns. In Proc. of the 17th ACM CCS, pages 559-572, 2010.
5. X. Chen. Aslr bypass apocalypse in recent zero-day exploits, 2013.
6. DoD. Lightweight portable security, 2014.
7. T. Durden. Bypassing pax aslr protection, 2002.
8. W. Herlands, T. Hobson, and P. Donovan. Effective entropy: Security-centric metric for memory randomization techniques. In Workshop on Cyber Security Experimentation and Test, 2014.
9. T. Jackson, A. Homescu, S. Crane, P. Larsen, S. Brunthaler, and M. Franz. Diversifying the software stack using randomized nop insertion. In Moving Target Defense, pages 151-173. 2013.
10. G. S. Kc, A. D. Keromytis, and V. Prevelakis. Countering code-injection attacks with instruction-set randomization. In Proceedings of the 10th ACM conference on Computer and communications security, CCS '03, pages 272-280, New York, NY, USA, 2003. ACM.
11. C. Kil, J. Jun, C. Bookholt, J. Xu, and P. Ning. Address space layout permutation (aslp): Towards fine-grained randomization of commodity software. In Proc. of ACSAC'06, pages 339-348. Ieee, 2006.
12. P. Larsen, A. Homescu, S. Brunthaler, and M. Franz. Sok: Automated software diversity. In Proceedings of the 35th IEEE Symposium on Security and Privacy, 2014.
13. D. J. C. MacKay. Information Theory, Inference & Learning Algorithms. Cambridge University Press, New York, NY, USA, 2002.
14. P. K. Manadhata and J. M. Wing. An attack surface metric. Software Engineering, IEEE Transactions on, 37(3):371-386, 2011.
15. S. Nagarakatte, J. Zhao, M. M. Martin, and S. Zdancewic. Softbound: Highly compatible and complete spatial memory safety for c. In Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '09, pages 245-258, New York, NY, USA, 2009. ACM.
16. S. Nagarakatte, J. Zhao, M. M. Martin, and S. Zdancewic. Cets: Compiler enforced temporal safety for c. In Proceedings of the 2010 International Symposium on Memory Management, ISMM '10, pages 31-40, New York, NY, USA, 2010. ACM.
17. Nergal. The advanced return-into-lib(c) exploits (pax case study). Phrack Magazine, 58(4):54, Dec 2001.
18. H. Okhravi, A. Comella, E. Robinson, and J. Haines. Creating a cyber moving target for critical infrastructure applications using platform diversity. Elsevier International Journal of Critical Infrastructure Protection, 5:30-39, Mar 2012.
19. H. Okhravi, T. Hobson, D. Bigelow, and W. Streilein. Finding focus in the blur of moving-target techniques. IEEE Security & Privacy, 12(2):16-26, Mar 2014.
20. PaX. Pax address space layout randomization, 2003.
21. G. Portokalidis and A. D. Keromytis. Fast and practical instruction-set randomization for commodity systems. In Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC '10, pages 41-48, New York, NY, USA, 2010. ACM.
22. B. Salamat, A. Gal, and M. Franz. Reverse stack execution in a multi-variant execution environment. In Workshop on Compiler and Architectural Techniques for Application Reliability and Security, 2008.
23. J. Seibert, H. Okhravi, and E. Soderstrom. Information leaks without memory disclosures: Remote side channel attacks on diversified code. In Proc. of the 21st ACM CCS, 2014.
24. F. J. Serna. cve-2012-0769, the case of the perfect info leak, 2012.
25. H. Shacham. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proc. of ACM CCS, pages 552-561, 2007.
26. H. Shacham, M. Page, B. Pfaff, E.-J. Goh, N. Modadugu, and D. Boneh. On the effectiveness of address-space randomization. In Proc. of ACM CCS, pages 298-307, 2004.
27. A. N. Sovarel, D. Evans, and N. Paul. Where's the feeb? the effectiveness of instruction set randomization. In 14th USENIX Security Symposium, volume 6, 2005.
28. R. Strackx, Y. Younan, P. Philippaerts, F. Piessens, S. Lachmund, and T. Walter. Breaking the memory secrecy assumption. In Proceedings of EuroSec '09, 2009.
29. L. Szekeres, M. Payer, T. Wei, and D. Song. Sok: Eternal war in memory. In Proc. of IEEE Symposium on Security and Privacy, 2013.
30. M. Tran, M. Etheridge, T. Bletsch, X. Jiang, V. Freeh, and P. Ning. On the expressiveness of return-into-libc attacks. In Proc. of RAID'11, pages 121-141, 2011.