Lightweight and Seamless Memory Randomization for Mission-Critical Services in a Cloud Platform


Bibliographic Details
Main Authors: Joobeom Yun, Ki-Woong Park, Dongyoung Koo, Youngjoo Shin
Format: Article
Language: English
Published: MDPI AG 2020-03-01
Series: Energies
Online Access: https://www.mdpi.com/1996-1073/13/6/1332
Record ID: doaj-76d4e8583dff4b359444c3ce0d9bd14d
Source: DOAJ
ISSN: 1996-1073
Volume 13, Issue 6, Article 1332
DOI: 10.3390/en13061332
Author affiliations:
Joobeom Yun: Department of Computer and Information Security, Sejong University, Seoul 05006, Korea
Ki-Woong Park: Department of Computer and Information Security, Sejong University, Seoul 05006, Korea
Dongyoung Koo: Department of Electronics and Information Engineering, Hansung University, Seoul 02876, Korea
Youngjoo Shin: Department of Computer and Information Engineering, Kwangwoon University, Seoul 01897, Korea
Description: Nowadays, various computing services are often hosted on cloud platforms for their availability and cost effectiveness. However, such services are frequently exposed to vulnerabilities. Therefore, many countermeasures have been invented to defend against software hacking. At the same time, more complicated attacking techniques have been created. Among them, code-reuse attacks are still an effective means of abusing software vulnerabilities. Although state-of-the-art address space layout randomization (ASLR) runtime-based solutions provide a robust way to mitigate code-reuse attacks, they have fundamental limitations; for example, the need for system modifications, and the need for recompiling source codes or restarting processes. These limitations are not appropriate for mission-critical services because a seamless operation is very important. In this paper, we propose a novel ASLR technique to provide memory rerandomization without interrupting the process execution. In addition, we describe its implementation and evaluate the results. In summary, our method provides a lightweight and seamless ASLR for critical service applications.
Topics: address space layout randomization (ASLR); rerandomization; code-reuse attack; return-oriented programming (ROP); seamless memory randomization