TU Darmstadt / ULB / TUbiblio

HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement

Nyman, Thomas ; Dessouky, Ghada ; Zeitouni, Shaza ; Lehikoinen, Aaro ; Paverd, Andrew ; Asokan, N. ; Sadeghi, Ahmad-Reza :
HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement.
In: DAC 2019, June, 2.-6., Las Vegas, USA.
[ Konferenzveröffentlichung] , (2019)

Kurzbeschreibung (Abstract)

Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the control flow of the code at run-time, e.g., (fine-grained) randomization or Control Flow Integrity. However, recent work on data-oriented programming (DOP) demonstrated highly expressive (Turing-complete) attacks, even in the presence of these state-of-the-art defenses. Although multiple real-world DOP attacks have been demonstrated, no efficient defenses are yet available. We propose run-time scope enforcement (RSE), a novel approach designed to efficiently mitigate all currently known DOP attacks by enforcing compile-time memory safety constraints (e.g., variable visibility rules) at run-time. We present HardScope, a proof-of-concept implementation of hardware-assisted RSE for the new RISC-V open instruction set architecture. We discuss our systematic empirical evaluation of HardScope which demonstrates that it can mitigate all currently known DOP attacks, and has a real-world performance overhead of 3.2% in embedded benchmarks.

Typ des Eintrags: Konferenzveröffentlichung ( nicht bekannt)
Erschienen: 2019
Autor(en): Nyman, Thomas ; Dessouky, Ghada ; Zeitouni, Shaza ; Lehikoinen, Aaro ; Paverd, Andrew ; Asokan, N. ; Sadeghi, Ahmad-Reza
Titel: HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement
Sprache: Englisch
Kurzbeschreibung (Abstract):

Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the control flow of the code at run-time, e.g., (fine-grained) randomization or Control Flow Integrity. However, recent work on data-oriented programming (DOP) demonstrated highly expressive (Turing-complete) attacks, even in the presence of these state-of-the-art defenses. Although multiple real-world DOP attacks have been demonstrated, no efficient defenses are yet available. We propose run-time scope enforcement (RSE), a novel approach designed to efficiently mitigate all currently known DOP attacks by enforcing compile-time memory safety constraints (e.g., variable visibility rules) at run-time. We present HardScope, a proof-of-concept implementation of hardware-assisted RSE for the new RISC-V open instruction set architecture. We discuss our systematic empirical evaluation of HardScope which demonstrates that it can mitigate all currently known DOP attacks, and has a real-world performance overhead of 3.2% in embedded benchmarks.

Band: abs/1705.10295
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Systemsicherheit
Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
Veranstaltungstitel: DAC 2019
Veranstaltungsort: Las Vegas, USA
Veranstaltungsdatum: June, 2.-6.
Hinterlegungsdatum: 04 Feb 2019 08:16
DOI: https://arxiv.org/abs/1705.10295
Export:

Optionen (nur für Redakteure)

Eintrag anzeigen Eintrag anzeigen