Date of Award
Spring 5-2024
Document Type
Dissertation
Degree Name
Doctor of Philosophy in Computer Science (PHDCS)
First Advisor
Yong Wang
Second Advisor
Stephen Krebsbach
Third Advisor
Tom Halverson
Fourth Advisor
Varghese Vaidyan
Abstract
Address Space Layout Randomization (ASLR) is a popular exploit mitigation provided by most modern operating systems. ASLR works by randomizing the base address of position-independent code and data segments loaded in memory at run-time in order to make it more difficult for an attacker to guess their locations.
Randomizing only the base address makes ASLR fast and efficient, but the design suffers from a major flaw: if an attacker is able to leak any pointer into a randomized memory mapping, they can easily calculate the corresponding base address, and in turn calculate the address of any other code or data in that segment, rendering the protection mechanism entirely useless. In other words, ASLR fails completely in the presence of even a single memory leak vulnerability.
One proposed solution to this problem, commonly referred to as Fine-Grained Address Space Layout Randomization (FG-ASLR), is to increase the granularity with which randomization is applied, for instance by randomizing code and data down to the function or basic block level. Many proposals exist, but all suffer from some fatal flaw impacting overall security improvement, load-time performance, run-time performance, memory usage, or disk usage, making them imperfect.
This project proposes a novel FG-ASLR solution utilizing non-contiguous per-function memory segment assignment. This allows code to be randomized at the function level quickly and efficiently, leveraging existing operating system mechanisms, enhancing security without significantly impacting system performance.
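The base-address arithmetic described in the abstract, and why per-function placement defeats it, can be shown with a small model. This is an added example, not code from the dissertation: the symbol offsets, the PRNG and the assumption that each function starts its own page-aligned segment are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define NFUNC 4

/* Constructed link-time offsets of four functions inside one code segment. */
static const uint64_t sym_off[NFUNC] = { 0x1130, 0x1190, 0x1240, 0x2310 };

/* Deterministic xorshift64 standing in for the loader's entropy source. */
static uint64_t rng_state = 0x9E3779B97F4A7C15ULL;
static uint64_t rnd_page(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 7;
    rng_state ^= rng_state << 17;
    return rng_state & 0x00007FFFFFFFF000ULL;   /* page-aligned user address */
}

/* Conventional ASLR: one random base, relative offsets are preserved. */
static void load_coarse(uint64_t addr[NFUNC]) {
    uint64_t base = rnd_page();
    for (int i = 0; i < NFUNC; i++) addr[i] = base + sym_off[i];
}

/* Simplified per-function model (assumption): each function begins its own
 * independently placed, page-aligned segment. */
static void load_per_function(uint64_t addr[NFUNC]) {
    for (int i = 0; i < NFUNC; i++) addr[i] = rnd_page();
}

/* From one leaked pointer, derive base = leaked - offset and predict every
 * other function as base + offset. Returns how many predictions are right. */
static int exposed_by_one_leak(const uint64_t addr[NFUNC], int leak) {
    uint64_t base = addr[leak] - sym_off[leak];
    int hits = 0;
    for (int i = 0; i < NFUNC; i++)
        if (base + sym_off[i] == addr[i]) hits++;
    return hits;
}

int coarse_exposure(int leak) {
    uint64_t a[NFUNC]; load_coarse(a); return exposed_by_one_leak(a, leak);
}
int per_function_exposure(int leak) {
    uint64_t a[NFUNC]; load_per_function(a); return exposed_by_one_leak(a, leak);
}

int main(void) {
    printf("coarse ASLR:  %d of %d located\n", coarse_exposure(2), NFUNC);
    printf("per-function: %d of %d located\n", per_function_exposure(2), NFUNC);
    return 0;
}
```

Under the coarse layout a single leak locates every function; under the per-function model only the leaked function itself is located, because the constructed offsets never differ by a whole page while the independently chosen segment bases always do.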
Recommended Citation
Kramer, Andrew, "Fine-Grained Address Space Layout Randomization Through Non-Contiguous Per-Function Memory Segment Assignment" (2024). Masters Theses & Doctoral Dissertations. 451.
https://scholar.dsu.edu/theses/451