Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Protecting Instruction Set Randomization from Code Reuse Attacks
KTH, School of Electrical Engineering and Computer Science (EECS), Theoretical Computer Science, TCS.
2018 (English)In: 23rd Nordic Conference on Secure IT Systems, NordSec 2018, Springer Verlag , 2018, p. 421-436Conference paper, Published paper (Refereed)
Abstract [en]

Instruction Set Randomization (ISR) prevents code injection by randomizing the instruction encoding used by programs, thus preventing an attacker from preparing a payload that can be injected in a victim. In this paper we show that code-reuse attacks can be used to circumvent existing ISR techniques and we demonstrate these attacks on an ARMv7 CPU that has been extended with ISR support. To counter this treat, we propose a new ISR that does not have the same vulnerabilities as the existing solutions, imposes moderate decryption cost, does not require additional memory per instruction, and affords efficient random access to the encrypted code. These properties enable efficient hardware implementation of our solution. In order to evaluate our proposal, we implement the new ISR in a hardware simulator and we compare its overhead with respect to existing ISR. 

Place, publisher, year, edition, pages
Springer Verlag , 2018. p. 421-436
Keywords [en]
Code injection, Code-reuse attacks, Instruction Set Randomization, Cryptography, Hardware, Random access storage, Random processes, Code reuse, Hardware implementations, Hardware simulators, Instruction encoding, Instruction-set randomization, Random access, Codes (symbols)
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:kth:diva-247459DOI: 10.1007/978-3-030-03638-6_26Scopus ID: 2-s2.0-85057419569ISBN: 9783030036379 (print)OAI: oai:DiVA.org:kth-247459DiVA, id: diva2:1301958
Conference
28 November 2018 through 30 November 2018
Projects
Trustfull
Note

QC 20190403

Available from: 2019-04-03 Created: 2019-04-03 Last updated: 2019-10-02

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopushttps://securitylab.no/nordsec18/

Authority records BETA

Guanciale, Roberto

Search in DiVA

By author/editor
Guanciale, Roberto
By organisation
Theoretical Computer Science, TCS
Computer Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 88 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf