File Download
There are no files associated with this item.
SFX Link
- Find it @ UNIST can give you direct access to the published full text of this article. (UNISTARs only)
- Moon, Hyungon
- Computer Systems Security Lab.
Views & Downloads
Detailed Information
Cited time in 
Cited time in 
Cited time in
Metadata Downloads
Hardware Assisted Randomization of Data
- Author(s)
- Belleville, Brian, Moon, Hyungon, Shin, Jangseop, Hwang, Dongil, Nash, Joseph Michael, Jung, Seonhwa, Na, Yeoul, Volckaert, Stijn, Larsen, Per, Paek, Yunheung, Franz, Michael
- Issued Date
- 2018-09-11
- Citation
- International Symposium on Research in Attacks, Intrusions and Defenses, pp.337 - 358
- Abstract
- Data-oriented attacks are gaining traction thanks to advances in code-centric mitigation techniques for memory corruption vulnerabilities. Previous work on mitigating data-oriented attacks includes Data Space Randomization (DSR). DSR classifies program variables into a set of equivalence classes, and encrypts variables with a key randomly chosen for each equivalence class. This thwarts memory corruption attacks that introduce illegitimate data flows. However, existing implementations of DSR trade precision for better run-time performance, which leaves attackers sufficient leeway to mount attacks. In this paper, we show that high precision and good run-time performance are not mutually exclusive. We present HARD, a precise and efficient hardware-assisted implementation of DSR. HARD distinguishes a larger number of equivalence classes, and incurs lower run-time overhead than software-only DSR. Our implementation achieves run-time overheads of just 6.61% on average, while the software version with the same protection costs 40.96%.
- Publisher
- 21st International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2018
- ISSN
- 0302-9743
Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.