TY - GEN
T1 - Fast and space-efficient defense against Jump-oriented Programming attacks
AU - Kim, Jeehong
AU - Eom, Young Ik
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2015/3/30
Y1 - 2015/3/30
N2 - Recently, Jump-oriented Programming (JOP) attack has become widespread in various systems including server, desktop, and smart devices. JOP attack rearranges existing code snippets in program to make gadget sequences, and hijacks control flow of program by chaining and executing gadget sequences consecutively. However, existing defense schemes have limitations such as high execution overhead, high binary size increase overhead, and low applicability. In this paper, to solve these problems, we introduce target shepherding, which is a fast and space-efficient defender against general JOP attack. Our defense scheme generates monitoring code to determine whether the target is legitimate or not just before each indirect jump instruction at compile time, and then checks whether a control flow has been subverted by JOP attack at run time. We achieved very low run-time overhead with very small increase in file size. In our experimental results, the performance overhead is 2.36% and the file size overhead is 5.82% with secure execution.
AB - Recently, Jump-oriented Programming (JOP) attack has become widespread in various systems including server, desktop, and smart devices. JOP attack rearranges existing code snippets in program to make gadget sequences, and hijacks control flow of program by chaining and executing gadget sequences consecutively. However, existing defense schemes have limitations such as high execution overhead, high binary size increase overhead, and low applicability. In this paper, to solve these problems, we introduce target shepherding, which is a fast and space-efficient defender against general JOP attack. Our defense scheme generates monitoring code to determine whether the target is legitimate or not just before each indirect jump instruction at compile time, and then checks whether a control flow has been subverted by JOP attack at run time. We achieved very low run-time overhead with very small increase in file size. In our experimental results, the performance overhead is 2.36% and the file size overhead is 5.82% with secure execution.
KW - Code Reuse Attack
KW - Jump-oriented Programming
KW - Return-oriented Programming
KW - Software Security
UR - https://www.scopus.com/pages/publications/84928165300
U2 - 10.1109/35021BIGCOMP.2015.7072839
DO - 10.1109/35021BIGCOMP.2015.7072839
M3 - Conference contribution
AN - SCOPUS:84928165300
T3 - 2015 International Conference on Big Data and Smart Computing, BIGCOMP 2015
SP - 7
EP - 10
BT - 2015 International Conference on Big Data and Smart Computing, BIGCOMP 2015
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2015 International Conference on Big Data and Smart Computing, BIGCOMP 2015
Y2 - 9 February 2015 through 11 February 2015
ER -