Skip to main content
Article thumbnail
Location of Repository

Diversified Process Replicæ for Defeating Memory Error Exploits

By Danilo Bruschi, Lorenzo Cavallaro and Andrea Lanzi

Abstract

An interpretation of the notion of software diversity is based on the concept of diversified process replicæ. We define pr as the replica of a process p which behaves identically to p but has some “structural ” diversity from it. This makes possible to detect memory corruption attacks in a deterministic way. In our solution, p and pr differ in their address space which is properly diversified, thus defeating absolute and partial overwriting memory error exploits. We also give a characterization and a preliminary solution for shared memory management, one of the biggest practical issue introduced by this approach. Speculation on how to deal with synchronous signals delivery is faced as well. A user space proof-of-concept prototype has been implemented. Experimental results show a 68.93 % throughput slowdown on a worst-case, while experiencing only a 1.20 % slowdown on a best-case. 1

Year: 2008
OAI identifier: oai:CiteSeerX.psu:10.1.1.134.914
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://security.dico.unimi.it/... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.