Security through emulation-based processor diversification

Héctor Marco, Ismael Ripoll, David de Andrés, Juan Carlos Ruiz

Research output: Chapter in Book/Report/Conference proceedingChapter

1 Citation (Scopus)

Abstract

Memory errors, such as stack and integer vulnerabilities, still rank among the top most dangerous software security issues. Existing protection techniques, like Address Space Layout Randomization and Stack-Smashing Protection, prevent potential intrusions by crashing applications when anomalous behaviors are detected. Unfortunately, typical networking server architectures, such those used on Web servers ones, limit the effectiveness of such countermeasures. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on different hardware architectures. This paper proposes a novel strategy to thwart memory error exploitation by dynamically changing, upon crash detection, the variant executing the networking server. Required software diversification among variants is obtained using off-the-shelf cross-compilation suites, whereas hardware diversification relies on processor emulation. The proposed case study shows the feasibility and effectiveness of the approach to reduce the likelihood, and in some cases even prevent the possibility, of exploiting memory errors.
Original languageEnglish
Title of host publicationEmerging Trends in ICT Security
EditorsBabak Akhgar, Hamid Arabnia
PublisherElsevier B.V.
Pages335-357
Number of pages23
Edition1st
ISBN (Electronic) 9780124104877
ISBN (Print) 9780124114746
Publication statusPublished - 25 Nov 2013
Externally publishedYes

Publication series

NameEmerging Trends in Computer Science and Applied Computing
PublisherElsevier

Fingerprint Dive into the research topics of 'Security through emulation-based processor diversification'. Together they form a unique fingerprint.

  • Cite this

    Marco, H., Ripoll, I., de Andrés, D., & Ruiz, J. C. (2013). Security through emulation-based processor diversification. In B. Akhgar, & H. Arabnia (Eds.), Emerging Trends in ICT Security (1st ed., pp. 335-357). [Chapter 21] (Emerging Trends in Computer Science and Applied Computing). Elsevier B.V.. https://www.elsevier.com/books/emerging-trends-in-ict-security/akhgar/978-0-12-411474-6