Authors: Brady Tello; Michael Winterrose; George Baah and Michael Zhivich
Affiliation: MIT Lincoln Laboratory, United States
Keyword(s): Security, Multi-compiler, Optimization.
Related Ontology Subjects/Areas/Topics: Application Domains; Case Studies; Computer-Supported Education; Enterprise Information Systems; Formal Methods; Health Engineering and Technology Applications; Information Systems Analysis and Specification; Information Technologies Supporting Learning; Military and Defense; Neural Rehabilitation; Neurotechnology, Electronics and Informatics; Risk Analysis; Security; Security and Privacy; Serious Games; Simulation and Modeling; Simulation Tools and Platforms
Abstract: Periodic randomization of a computer program’s binary code is an attractive technique for defending against several classes of advanced threats. In this paper we describe a model of attacker-defender interaction in which the defender employs such a technique against an attacker who is actively constructing an exploit using Return Oriented Programming (ROP). In order to successfully build a working exploit, the attacker must guess the locations of several small chunks of program code (i.e., gadgets) in the defended program’s memory space. As the attacker continually guesses, the defender periodically rotates to a newly randomized variant of the program, effectively negating any gains the attacker made since the last rotation. Although randomization makes the attacker’s task more difficult, it also incurs a cost to the defender. As such, the defender’s goal is to find an acceptable balance between utility degradation (cost) and security (benefit). One way to measure these two competing factors is the total task latency introduced by both the attacker and any defensive measures taken to thwart him. We simulated a number of diversity strategies under various threat scenarios and present the measured impact on the defender’s task.