Fine Grained Address Space Layout Randomization Using Noncontiguous Per-Function Memory Segment Assignment

Outlet Title

2025 IEEE 22nd Consumer Communications & Networking Conference (CCNC)

Document Type

Conference Proceeding

Publication Date

2025

Abstract

Address Space Layout Randomization (ASLR) is a popular exploit mitigation provided by most modern operating systems. It works by randomizing the base address of position-independent code and data segments loaded in memory at run-time to make it more difficult for an attacker to guess their locations. This design choice makes ASLR fast and efficient, but it suffers from a major flaw: if an attacker can leak any pointer into the randomized memory mapping, they can easily calculate the corresponding base address, and in turn calculate the address of any other code or data in that segment, rendering the protection mechanism entirely useless. This paper proposes a novel Fine Grained Address Space Layout Randomization (FG-ASLR) solution utilizing noncontiguous per-function memory segment assignment. This allows code to be randomized at the function level quickly and efficiently, leveraging existing operating system mechanisms and enhancing security without significantly impacting system performance. The evaluation shows that FG-ASLR using noncontiguous per-function memory assignment is possible for real-world software, does not pose an insurmountable performance impact in load-time, run-time, memory usage, or disk usage, and enhances the security of the programs to which it is applied.
