References & Citations
Computer Science > Cryptography and Security
Title: Using Name Confusion to Enhance Security
(Submitted on 5 Nov 2019 (v1), last revised 26 Aug 2020 (this version, v3))
Abstract: We introduce a novel concept, called Name Confusion, and demonstrate how it can be employed to thwart multiple classes of code-reuse attacks. By building upon Name Confusion, we derive Phantom Name System (PNS): a security protocol that provides multiple names (addresses) to program instructions. Unlike the conventional model of virtual memory with a one-to-one mapping between instructions and virtual memory addresses, PNS creates N mappings for the same instruction, and randomly switches between them at runtime. PNS achieves fast randomization, at the granularity of basic blocks, which mitigates a class of attacks known as (just-in-time) code-reuse.
If an attacker uses a memory safety-related vulnerability to cause any of the instruction addresses to be different from the one chosen during a fetch, the exploited program will crash. We quantitatively evaluate how PNS mitigates real-world code-reuse attacks by reducing the success probability of typical exploits to approximately $10^{-12}$. We implement PNS and validate it by running SPEC CPU2017 benchmark suite. We further verify its practicality by adding it to a RISC-V core on an FPGA. Lastly, PNS is mainly designed for resource constrained (wimpy) devices and has negligible performance overhead, compared to commercially-available, state-of-the-art, hardware-based protections.
Submission history
From: Miguel A. Arroyo [view email][v1] Tue, 5 Nov 2019 19:02:53 GMT (991kb,D)
[v2] Fri, 28 Feb 2020 05:39:44 GMT (990kb,D)
[v3] Wed, 26 Aug 2020 18:12:53 GMT (1023kb,D)
Link back to: arXiv, form interface, contact.