Ismael Ripoll 
Category: Assistant Professor (Titular de Universidad)
Phone: +34 963 879 218 / Internal: 79218 / Fax+34 963 877 579
Email: iripoll@upv.es
Location: Room 3N12, Building 1G, Universitat Politècnica de València.
Research: cybersecurity.upv.es.

Abstract

Memory errors, such as stack and integer vulnerabilities, still rank among the top most dangerous software security issues. Existing protection techniques, like Address Space Layout Randomization and Stack-Smashing Protection, prevent potential intrusions by crashing applications when anomalous behaviours are detected. Unfortunately, typical networking server architectures, such as web servers ones, limit the effectiveness of such countermeasures. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on different hardware architectures.

Protection by means of diversification (artistic draw).

We propose a novel strategy to thwart memory error exploitation by dynamically changing, upon crash detection, the variant executing the networking server. Required software diversification among variants is obtained using off-the-shelf cross-compilation suites, whereas hardware diversification relies on processor emulation. The proposed case study shows the feasibility and effectiveness of the approach to reduce the likelihood, and in some cases even prevent the possibility, of exploiting memory errors.

Benefits

What is the right decision when the server may be under attack?
Shall I
  1. shutdown the service, in order to prevent an intrusion, or
  2. maintain the continuity of the service, at the risk of a break-in?
We provide an effective solution to this issue:
Maintain the continuity, but switch to a degraded mode (with less thoughput, but much harder to break).

Key ideas

  1. The proposed approach relies on the use of already existing cross-compilers (the GCC toolchain suite) to generate variants, one for each target architecture.
  2. Each variant is executed by the corresponding system emulator.
  3. Our technique relies on the existing detection and protection techniques (stack-guard, ASLR, etc.).
  4. When an attack is detected (the process crashes) the service is attended by another variant.
Although it may seem cumbersome and hard to implement, thanks to the great advances in cross compiling and advanced emulation techniques our architecture can be realised using off-the-shelf tools.

Links

This, and other novel ideas and applications, will be published in an incoming book titled:''Emerging Trends in Information and Communication Technologies Security'' and published by Elsevier (Morgan Kaufmann). It is planed to be available by the end of 2013.
 
  Home