Function risk assessment under memory leakage

Author

Jianming FU, Wuhan University
Rui JIN, Wuhan University
Yan LIN, Singapore Management UniversityFollow
Baihe JIANG, Wuhan University
Zhengwei GUO, Wuhan University

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

10-2018

Abstract

Code reuse attack (CRA), specifically reusing and then reconstructing the codes (gadgets) already existed in programs and libraries, is widely exploited in software attacks. Admittedly, determination of the location of the gadgets consisted of target instructions along with control flow transfer instructions, is of critical importance. Address Space Randomization (ASR), which serves as an effective technique to mitigate CRA, increases the entropy by randomizing the location of the code or data, and baffles adversaries from figuring out the memory layout. Currently, variable randomization methods of high granularity are proposed by scholars to prevent adversaries from deducting memory layout. However, their credibility on alleviating CRA is yet to be confirmed, especially when the suitable pointer is exposed to adversaries. In this paper, we focus on studying what kinds of function leakage can lead to a CRA more likely. A function risk assessment model focusing on function coupling is proposed to quantify the risk caused by the suitable function pointer leakage and it is extended to assess the risk of the whole program and library under the memory leakage. Our experimental results show that popular open-source software is vulnerable when certain code pointer is leaked to adversaries and even severer when the system library is accessible. In addition, suggestions to eliminate function coupling and evaluate the availability of randomization methods are further discussed.

Keywords

Code Reuse Attack, Memory Leakage, Randomization, Risk Assessment

Discipline

Information Security | Software Engineering

Publication

2018 International Conference on Networking and Network Applications: NaNA 2018: Xi'an, China, October 12-15: Proceedings

First Page

284

Last Page

291

ISBN

9781538683033

Identifier

10.1109/NANA.2018.8648754

Publisher

IEEE Computer Society

City or Country

Los Alamitos, CA

Citation

FU, Jianming; JIN, Rui; LIN, Yan; JIANG, Baihe; and GUO, Zhengwei. Function risk assessment under memory leakage. (2018). 2018 International Conference on Networking and Network Applications: NaNA 2018: Xi'an, China, October 12-15: Proceedings. 284-291.
Available at: https://ink.library.smu.edu.sg/sis_research/4393

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/NANA.2018.8648754