登入
選單
返回
Google圖書搜尋
Emerging Trends in ICT Security
Héctor Marco
Ismael Ripoll
David de Andrés
Juan Carlos Ruiz
其他書名
Chapter 21. Security through Emulation-Based Processor Diversification
出版
Elsevier Inc. Chapters
, 2013-11-06
主題
Computers / Computer Architecture
Computers / Interactive & Multimedia
Computers / Security / Network Security
ISBN
0128070781
9780128070789
URL
http://books.google.com.hk/books?id=Elt2DAAAQBAJ&hl=&source=gbs_api
EBook
SAMPLE
註釋
Memory errors, such as stack and integer vulnerabilities, still rank among the top most dangerous software security issues. Existing protection techniques, like Address Space Layout Randomization and Stack-Smashing Protection, prevent potential intrusions by crashing applications when anomalous behaviors are detected. Unfortunately, typical networking server architectures, such those used on Web servers ones, limit the effectiveness of such countermeasures. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on different hardware architectures. This paper proposes a novel strategy to thwart memory error exploitation by dynamically changing, upon crash detection, the variant executing the networking server. Required software diversification among variants is obtained using off-the-shelf cross-compilation suites, whereas hardware diversification relies on processor emulation. The proposed case study shows the feasibility and effectiveness of the approach to reduce the likelihood, and in some cases even prevent the possibility, of exploiting memory errors.