loading
Documents

Research.Publish.Connect.

Paper

Authors: Angelo Sapello 1 ; C. Jason Chiang 1 ; Jesse Elwell 1 ; Abhrajit Ghosh 1 ; Ayumu Kubota 2 and Takashi Matsunaka 2

Affiliations: 1 Vencore Labs, United States ; 2 KDDI R&D Laboratories, Japan

ISBN: 978-989-758-243-1

Keyword(s): Return Oriented Programming, ROP Mitigation, Program Randomization.

Abstract: As cloud computing environments move towards securing against simplistic threats, adversaries are moving towards more sophisticated attacks such as ROP (Return Oriented Programming). In this paper we propose the LIve Text Page-level Re-ordering (LITPR) system for prevention of ROP style attacks and in particular the largely unaddressed Blind ROP attacks on applications running on cloud servers. ROP and BROP, respectively, bypass protections such as DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) that are offered by the Linux operating system and can be used to perform arbitrary malicious actions against it. LITPR periodically randomizes the in-memory locations of application and kernel code, at run time, to ensure that both ROP and BROP style attacks are unable to succeed. This is a dramatic change relative to ASLR which is a load time randomization technique.

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.85.143.239

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Sapello, A.; Chiang, C.; Chiang, C.; Elwell, J.; Ghosh, A.; Kubota, A. and Matsunaka, T. (2017). ROP Defense in the Cloud through LIve Text Page-level Re-ordering - The LITPR System.In Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-243-1, pages 219-228. DOI: 10.5220/0006305402190228

@conference{closer17,
author={Angelo Sapello. and C. Jason Chiang. and C. Jason Chiang. and Jesse Elwell. and Abhrajit Ghosh. and Ayumu Kubota. and Takashi Matsunaka.},
title={ROP Defense in the Cloud through LIve Text Page-level Re-ordering - The LITPR System},
booktitle={Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2017},
pages={219-228},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006305402190228},
isbn={978-989-758-243-1},
}

TY - CONF

JO - Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - ROP Defense in the Cloud through LIve Text Page-level Re-ordering - The LITPR System
SN - 978-989-758-243-1
AU - Sapello, A.
AU - Chiang, C.
AU - Chiang, C.
AU - Elwell, J.
AU - Ghosh, A.
AU - Kubota, A.
AU - Matsunaka, T.
PY - 2017
SP - 219
EP - 228
DO - 10.5220/0006305402190228

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.