Security through emulation-based processor diversification

Héctor Marco, Ismael Ripoll, David de Andrés, Juan Carlos Ruiz

Research output: Chapter in Book/Report/Conference proceeding (Chapter)

Abstract

Memory errors, such as stack and integer vulnerabilities, still rank among the most dangerous software security issues. Existing protection techniques, like Address Space Layout Randomization and Stack-Smashing Protection, prevent potential intrusions by crashing applications when anomalous behaviors are detected. Unfortunately, typical networking server architectures, such as those used on Web servers, limit the effectiveness of such countermeasures. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on different hardware architectures. This paper proposes a novel strategy to thwart memory error exploitation by dynamically changing, upon crash detection, the variant executing the networking server. Required software diversification among variants is obtained using off-the-shelf cross-compilation suites, whereas hardware diversification relies on processor emulation. The proposed case study shows the feasibility and effectiveness of the approach to reduce the likelihood, and in some cases even prevent the possibility, of exploiting memory errors.
Original language: English
Title of host publication: Emerging Trends in ICT Security
Editors: Babak Akhgar, Hamid Arabnia
Publisher: Elsevier B.V.
Pages: 335-357
Number of pages: 23
Edition: 1st
ISBN (Electronic): 9780124104877
ISBN (Print): 9780124114746
Publication status: Published - 25 Nov 2013
Externally published: Yes

Publication series

Name: Emerging Trends in Computer Science and Applied Computing
Publisher: Elsevier

Fingerprint

Data storage equipment
Servers
Hardware

Cite this

Marco, H., Ripoll, I., de Andrés, D., & Ruiz, J. C. (2013). Security through emulation-based processor diversification. In B. Akhgar, & H. Arabnia (Eds.), Emerging Trends in ICT Security (1st ed., pp. 335-357). [Chapter 21] (Emerging Trends in Computer Science and Applied Computing). Elsevier B.V.
@inbook{9bd9d288ca654f18866adce8723e4e87,
title = "Security through emulation-based processor diversification",
author = "H{\'e}ctor Marco and Ismael Ripoll and {de Andr{\'e}s}, David and Ruiz, {Juan Carlos}",
year = "2013",
month = "11",
day = "25",
language = "English",
isbn = "9780124114746",
series = "Emerging Trends in Computer Science and Applied Computing",
publisher = "Elsevier B.V.",
pages = "335--357",
editor = "Babak Akhgar and Hamid Arabnia",
booktitle = "Emerging Trends in ICT Security",
address = "Netherlands",
edition = "1st",

}
