Practical Fine-Grained Binary Code Randomization

Soumyakant Priyadarshan; Huan Nguyen; R. Sekar

doi:10.1145/3427228.3427292

Practical Fine-Grained Binary Code Randomization

Soumyakant Priyadarshan
, Huan Nguyen
, R. Sekar

Computer Science

Stony Brook University

Stony Brook University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

15 Scopus citations

Abstract

Despite its effectiveness against code reuse attacks, fine-grained code randomization has not been deployed widely due to compatibility as well as performance concerns. Previous techniques often needed source code access to achieve good performance, but this breaks compatibility with today's binary-based software distribution and update mechanisms. Moreover, previous techniques break C++ exceptions and stack tracing, which are crucial for practical deployment. In this paper, we first propose a new, tunable randomization technique called LLR(k) that is compatible with these features. Since the metadata needed to support exceptions/stack-tracing can reveal considerable information about code layout, we propose a new entropy metric that accounts for leaks of this metadata. We then present a novel metadata reduction technique to significantly increase entropy without degrading exception handling. This enables LLR(k) to achieve strong entropy with a low overhead of 2.26%.

Original language	English
Title of host publication	Proceedings - 36th Annual Computer Security Applications Conference, ACSAC 2020
Publisher	Association for Computing Machinery
Pages	401-414
Number of pages	14
ISBN (Electronic)	9781450388580
DOIs	https://doi.org/10.1145/3427228.3427292
State	Published - Dec 7 2020
Event	36th Annual Computer Security Applications Conference, ACSAC 2020 - Virtual, Online, United States Duration: Dec 7 2020 → Dec 11 2020

Publication series

Name	ACM International Conference Proceeding Series

Conference

Conference	36th Annual Computer Security Applications Conference, ACSAC 2020
Country/Territory	United States
City	Virtual, Online
Period	12/7/20 → 12/11/20

Keywords

Binary instrumentation
Code randomization
Code reuse exploits
Exception compatibility.

Access to Document

10.1145/3427228.3427292

Cite this

@inproceedings{f23185337dcf4dc284364e5acbf71130,

title = "Practical Fine-Grained Binary Code Randomization",

abstract = "Despite its effectiveness against code reuse attacks, fine-grained code randomization has not been deployed widely due to compatibility as well as performance concerns. Previous techniques often needed source code access to achieve good performance, but this breaks compatibility with today's binary-based software distribution and update mechanisms. Moreover, previous techniques break C++ exceptions and stack tracing, which are crucial for practical deployment. In this paper, we first propose a new, tunable randomization technique called LLR(k) that is compatible with these features. Since the metadata needed to support exceptions/stack-tracing can reveal considerable information about code layout, we propose a new entropy metric that accounts for leaks of this metadata. We then present a novel metadata reduction technique to significantly increase entropy without degrading exception handling. This enables LLR(k) to achieve strong entropy with a low overhead of 2.26\%.",

keywords = "Binary instrumentation, Code randomization, Code reuse exploits, Exception compatibility.",

author = "Soumyakant Priyadarshan and Huan Nguyen and R. Sekar",

note = "Publisher Copyright: {\textcopyright} 2020 ACM.; 36th Annual Computer Security Applications Conference, ACSAC 2020 ; Conference date: 07-12-2020 Through 11-12-2020",

year = "2020",

month = dec,

day = "7",

doi = "10.1145/3427228.3427292",

language = "English",

series = "ACM International Conference Proceeding Series",

publisher = "Association for Computing Machinery",

pages = "401--414",

booktitle = "Proceedings - 36th Annual Computer Security Applications Conference, ACSAC 2020",

}

Priyadarshan, S, Nguyen, H & Sekar, R 2020, Practical Fine-Grained Binary Code Randomization. in Proceedings - 36th Annual Computer Security Applications Conference, ACSAC 2020., 3427292, ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 401-414, 36th Annual Computer Security Applications Conference, ACSAC 2020, Virtual, Online, United States, 12/7/20. https://doi.org/10.1145/3427228.3427292

Practical Fine-Grained Binary Code Randomization. / Priyadarshan, Soumyakant; Nguyen, Huan; Sekar, R.
Proceedings - 36th Annual Computer Security Applications Conference, ACSAC 2020. Association for Computing Machinery, 2020. p. 401-414 3427292 (ACM International Conference Proceeding Series).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Practical Fine-Grained Binary Code Randomization

AU - Priyadarshan, Soumyakant

AU - Nguyen, Huan

AU - Sekar, R.

PY - 2020/12/7

Y1 - 2020/12/7

N2 - Despite its effectiveness against code reuse attacks, fine-grained code randomization has not been deployed widely due to compatibility as well as performance concerns. Previous techniques often needed source code access to achieve good performance, but this breaks compatibility with today's binary-based software distribution and update mechanisms. Moreover, previous techniques break C++ exceptions and stack tracing, which are crucial for practical deployment. In this paper, we first propose a new, tunable randomization technique called LLR(k) that is compatible with these features. Since the metadata needed to support exceptions/stack-tracing can reveal considerable information about code layout, we propose a new entropy metric that accounts for leaks of this metadata. We then present a novel metadata reduction technique to significantly increase entropy without degrading exception handling. This enables LLR(k) to achieve strong entropy with a low overhead of 2.26%.

AB - Despite its effectiveness against code reuse attacks, fine-grained code randomization has not been deployed widely due to compatibility as well as performance concerns. Previous techniques often needed source code access to achieve good performance, but this breaks compatibility with today's binary-based software distribution and update mechanisms. Moreover, previous techniques break C++ exceptions and stack tracing, which are crucial for practical deployment. In this paper, we first propose a new, tunable randomization technique called LLR(k) that is compatible with these features. Since the metadata needed to support exceptions/stack-tracing can reveal considerable information about code layout, we propose a new entropy metric that accounts for leaks of this metadata. We then present a novel metadata reduction technique to significantly increase entropy without degrading exception handling. This enables LLR(k) to achieve strong entropy with a low overhead of 2.26%.

KW - Binary instrumentation

KW - Code randomization

KW - Code reuse exploits

KW - Exception compatibility.

UR - https://www.scopus.com/pages/publications/85097715395

U2 - 10.1145/3427228.3427292

DO - 10.1145/3427228.3427292

M3 - Conference contribution

T3 - ACM International Conference Proceeding Series

SP - 401

EP - 414

BT - Proceedings - 36th Annual Computer Security Applications Conference, ACSAC 2020

PB - Association for Computing Machinery

T2 - 36th Annual Computer Security Applications Conference, ACSAC 2020

Y2 - 7 December 2020 through 11 December 2020

ER -

Practical Fine-Grained Binary Code Randomization

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this