Memory errors, such as stack and integer vulnerabilities, still rank among the top most dangerous software security issues. Existing protection techniques, like Address Space Layout Randomization and Stack-Smashing Protection, prevent potential intrusions by crashing applications when anomalous behaviors are detected. Unfortunately, typical networking server architectures, such those used on Web servers ones, limit the effectiveness of such countermeasures. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on different hardware architectures. This paper proposes a novel strategy to thwart memory error exploitation by dynamically changing, upon crash detection, the variant executing the networking server. Required software diversification among variants is obtained using off-the-shelf cross-compilation suites, whereas hardware diversification relies on processor emulation. The proposed case study shows the feasibility and effectiveness of the approach to reduce the likelihood, and in some cases even prevent the possibility, of exploiting memory errors.
|Title of host publication||Emerging Trends in ICT Security|
|Editors||Babak Akhgar, Hamid Arabnia|
|Number of pages||23|
|Publication status||Published - 25 Nov 2013|
|Name||Emerging Trends in Computer Science and Applied Computing|
Marco, H., Ripoll, I., de Andrés, D., & Ruiz, J. C. (2013). Security through emulation-based processor diversification. In B. Akhgar, & H. Arabnia (Eds.), Emerging Trends in ICT Security (1st ed., pp. 335-357). [Chapter 21] (Emerging Trends in Computer Science and Applied Computing). Elsevier B.V..