Climate Change Data Portal
| SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization | |
Wang, Zhe; Wu, Chenggang; Zhang, Yinqian; Tang, Bowen; Yew, Pen-Chung; Xie, Mengyao; Lai, Yuanming ; Kang, Yan; Cheng, Yueqiang; Shi, Zhiping
| |
| 发表日期 | 2019 |
| 起始页码 | 1239 |
| 结束页码 | 1256 |
| 英文摘要 | Information hiding (IH) is an important building block for many defenses against code reuse attacks, such as code-pointer integrity (CPI), control-flow integrity (CFI) and fine-grained code (re-)randomization, because of its effectiveness and performance. It employs randomization to probabilistically hide sensitive memory areas, called safe areas, from attackers and ensures their addresses are not leaked by any pointers directly. These defenses used safe areas to protect their critical data, such as jump targets and randomization secrets. However, recent works have shown that IH is vulnerable to various attacks. In this paper, we propose a new IH technique called Safe-Hidden. It continuously re-randomizes the locations of safe areas and thus prevents the attackers from probing and inferring the memory layout to find its location. A new thread-private memory mechanism is proposed to isolate the thread-local safe areas and prevent adversaries from reducing the randomization entropy. It also randomizes the safe areas after the TLB misses to prevent attackers from inferring the address of safe areas using cache side-channels. Existing IH-based defenses can utilize SafeHidden directly without any change. Our experiments show that SafeHidden not only prevents existing attacks effectively but also incurs low performance overhead. |
| 语种 | 英语 |
| WOS研究方向 | Computer Science |
| WOS类目 | Computer Science, Information Systems |
| WOS记录号 | WOS:000509775000071 |
| 来源期刊 | PROCEEDINGS OF THE 28TH USENIX SECURITY SYMPOSIUM
 |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://gcip.llas.ac.cn/handle/2XKMVOVA/239458 |
| 作者单位 | [Wang, Zhe; Wu, Chenggang; Tang, Bowen; Xie, Mengyao; Lai, Yuanming; Kang, Yan] Chinese Acad Sci, Inst Comp Technol, State Key Lab Comp Architecture, Beijing, Peoples R China; [Wang, Zhe; Wu, Chenggang; Tang, Bowen; Xie, Mengyao; Lai, Yuanming; Kang, Yan] Univ Chinese Acad Sci, Beijing, Peoples R China; [Zhang, Yinqian] Ohio State Univ, Columbus, OH 43210 USA; [Yew, Pen-Chung] Univ Minnesota Twin Cities, Minneapolis, MN USA; [Cheng, Yueqiang] Baidu USA, Sunnyvale, CA USA; [Shi, Zhiping] Capital Normal Univ, Beijing, Peoples R China |
| 推荐引用方式 GB/T 7714 | Wang, Zhe,Wu, Chenggang,Zhang, Yinqian,et al. SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization[J],2019. |
| APA | Wang, Zhe.,Wu, Chenggang.,Zhang, Yinqian.,Tang, Bowen.,Yew, Pen-Chung.,...&Shi, Zhiping.(2019).SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization.PROCEEDINGS OF THE 28TH USENIX SECURITY SYMPOSIUM. |
| MLA | Wang, Zhe,et al."SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization".PROCEEDINGS OF THE 28TH USENIX SECURITY SYMPOSIUM (2019). |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
