Remix: On-demand Live Randomization

3 years 19 days ago
Remix: On-demand Live Randomization
Code randomization is an effective defense against code reuse attacks. It scrambles program code to prevent attackers from locating useful functions or gadgets. The key to secure code randomization is achieving high entropy. A practical approach to boost entropy is on-demand live randomization that works on running processes. However, enabling live randomization is challenging in that it often requires manual efforts to solve ambiguity in identifying function pointers. In this paper, we propose Remix, an efficient and practical live randomization system for both user processes and kernel modules. Remix randomly shuffles basic blocks within their respective functions. By doing so, it avoids the complexity of migrating stale function pointers, and allows mixing randomized and non-randomized code to strike a balance between performance and security. Remix randomizes a running process in two steps: it first randomly reorders its basic blocks, and then comprehensively migrates live poin...
Yue Chen, Zhi Wang, David Whalley, Long Lu
Added 31 Mar 2016
Updated 31 Mar 2016
Type Journal
Year 2016
Authors Yue Chen, Zhi Wang, David Whalley, Long Lu
Comments (0)