scholarly journals Lightweight and Seamless Memory Randomization for Mission-Critical Services in a Cloud Platform

Energies ◽  
2020 ◽  
Vol 13 (6) ◽  
pp. 1332
Author(s):  
Joobeom Yun ◽  
Ki-Woong Park ◽  
Dongyoung Koo ◽  
Youngjoo Shin
Keyword(s):  
Effective Means ◽  
Cloud Platform ◽  
Code Reuse ◽  
Source Codes ◽  
Software Vulnerabilities ◽  
Computing Services ◽  
Fundamental Limitations ◽  
Mission Critical ◽  
Space Layout ◽  
Address Space Layout Randomization

Nowadays, various computing services are often hosted on cloud platforms for their availability and cost effectiveness. However, such services are frequently exposed to vulnerabilities. Therefore, many countermeasures have been invented to defend against software hacking. At the same time, more complicated attacking techniques have been created. Among them, code-reuse attacks are still an effective means of abusing software vulnerabilities. Although state-of-the-art address space layout randomization (ASLR) runtime-based solutions provide a robust way to mitigate code-reuse attacks, they have fundamental limitations; for example, the need for system modifications, and the need for recompiling source codes or restarting processes. These limitations are not appropriate for mission-critical services because a seamless operation is very important. In this paper, we propose a novel ASLR technique to provide memory rerandomization without interrupting the process execution. In addition, we describe its implementation and evaluate the results. In summary, our method provides a lightweight and seamless ASLR for critical service applications.

scholarly journals Selfrando: Securing the Tor Browser against De-anonymization Exploits

2016 ◽  
Vol 2016 (4) ◽  
pp. 454-469 ◽  
Author(s):  
Mauro Conti ◽  
Stephen Crane ◽  
Tommaso Frassetto ◽  
Andrei Homescu ◽  
Georg Koppen ◽  
...  
Keyword(s):  
Civil Rights ◽  
Field Testing ◽  
Free World ◽  
Address Space ◽  
Software Vulnerabilities ◽  
Government Organizations ◽  
Attack Surface ◽  
Space Layout ◽  
The One ◽  
Address Space Layout Randomization

Abstract Tor is a well-known anonymous communication system used by millions of users, including journalists and civil rights activists all over the world. The Tor Browser gives non-technical users an easy way to access the Tor Network. However, many government organizations are actively trying to compromise Tor not only in regions with repressive regimes but also in the free world, as the recent FBI incidents clearly demonstrate. Exploiting software vulnerabilities in general, and browser vulnerabilities in particular, constitutes a clear and present threat to the Tor software. The Tor Browser shares a large part of its attack surface with the Firefox browser. Therefore, Firefox vulnerabilities (even patched ones) are highly valuable to attackers trying to monitor users of the Tor Browser. In this paper, we present selfrando-an enhanced and practical load-time randomization technique for the Tor Browser that defends against exploits, such as the one FBI allegedly used against Tor users. Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers. Moreover, we collaborated closely with the Tor Project to ensure that selfrando is fully compatible with AddressSanitizer (ASan), a compiler feature to detect memory corruption. ASan is used in a hardened version of Tor Browser for test purposes. The Tor Project decided to include our solution in the hardened releases of the Tor Browser, which is currently undergoing field testing.

scholarly journals An experimental evaluation of the impact of the EDoS attacks against cloud computing services using AWS

2017 ◽  
Vol 7 (1.5) ◽  
pp. 202 ◽  
Author(s):  
Suneetha Bulla ◽  
B. Basaveswara Rao ◽  
K. Gangadhara Rao ◽  
K. Chandan
Keyword(s):  
Cloud Computing ◽  
Cloud Platform ◽  
Test Bed ◽  
Computing Services ◽  
Trial Test ◽  
Edos Attacks ◽  
Cloud Computing Services ◽  
Single Category ◽  
The One ◽  
The Impact

Cloud computing is that the one among the quickest making and rising development in IT trade on pay-as – you-go premise. Flexibility is that the one among the properties of the cloud computing, it exhibits the response for DDoS ambush and created new quite strike significantly EDoS assault .This paper displays the impact of EDoS assaults on the cloud computing services, touching on single category of service. A check demonstrate was made public, performed associated contrasted and an expositive lining model. The trial test-bed was directed on Amazon internet Services cloud platform, it catches the cloud edges and incorporates range of execution measurements and value measurements, as an instance, range of running cases on the cloud, latency or latency , usage of distributed computing assets, throughput, and also the caused value as a result of the assault. The outcomes square measure introduced and conclusions square measure talked concerning.

scholarly journals Address Space Layout Randomization Comparative Analysis on Windows 10 and Ubuntu 18.04 LTS

2021 ◽  
Vol 7 (1) ◽  
pp. 26
Author(s):  
Raquel Vázquez Díaz ◽  
Martiño Rivera-Dourado ◽  
Rubén Pérez-Jove ◽  
Pilar Vila Avendaño ◽  
José M. Vázquez-Naya
Keyword(s):  
Operating System ◽  
Comparative Analysis ◽  
Operating Systems ◽  
Memory Management ◽  
Address Space ◽  
Memory Protection ◽  
Partial Correlations ◽  
Feature Memory ◽  
Space Layout ◽  
Address Space Layout Randomization

Memory management is one of the main tasks of an Operating System, where the data of each process running in the system is kept. In this context, there exist several types of attacks that exploit memory-related vulnerabilities, forcing Operating Systems to feature memory protection techniques that make difficult to exploit them. One of these techniques is ASLR, whose function is to introduce randomness into the virtual address space of a process. The goal of this work was to measure, analyze and compare the behavior of ASLR on the 64-bit versions of Windows 10 and Ubuntu 18.04 LTS. The results have shown that the implementation of ASLR has improved significantly on these two Operating Systems compared to previous versions. However, there are aspects, such as partial correlations or a frequency distribution that is not always uniform, so it can still be improved.

scholarly journals Fine-grained address space layout randomization on program load

2017 ◽  
Vol 29 (6) ◽  
pp. 163-182
Author(s):  
A.R. Nurmukhametov ◽  
E.A. Zhabotinskiy ◽  
Sh. F. Kurmangaleev ◽  
S.S. Gaissaryan ◽  
A.V. Vishnyakov
Keyword(s):  
Address Space ◽  
Fine Grained ◽  
Program Load ◽  
Space Layout ◽  
Address Space Layout Randomization

scholarly journals Securely Sharing Randomized Code that Flies

2021 ◽  
Author(s):  
Christopher J ◽  
Jinwoo Yom ◽  
Changwoo Min ◽  
Yeongjin Jang
Keyword(s):  
Role Model ◽  
Code Transformations ◽  
Early Return ◽  
Security Hardening ◽  
Code Sharing ◽  
Time Diversification ◽  
Space Layout ◽  
Integrated Or ◽  
Address Space Layout Randomization ◽  
With Memory

Address Space Layout Randomization (ASLR) was a great role model being a light-weight defense technique that could prevent early return-oriented programming attacks. Simple yet effective, ASLR was quickly widely-adopted. Conversely, today only a trickle of defense techniques are being integrated or adopted mainstream. As code reuse attacks have evolved, defenses have strived to keep up. To do so, many have had to take unfavorable tradeoffs like using background threads or protecting only a subset of sensitive code. In reality, these tradeoffs were unavoidable steps necessary to improve the strength of the state-of-the-art. We present Goose, an on-demand system-wide runtime re-randomization technique capable of scalable protection of application as well as shared library code most defenses have forgone. We achieve code sharing with diversification by implementing reactive and scalable, rather than continuous or one-time diversification. Enabling code sharing further removes redundant computation like tracking, patching, along with memory overheads required by prior randomization techniques. In its baseline state, the code transformations needed for Goose security hardening incur a reasonable performance overhead of 5.5% on SPEC and minimal degradation of 4.4% in NGINX, demonstrating its applicability to both compute-intensive and scalable real-world applications. Even when under attack, Goose only adds from less than 1% up to 15% depending on application complexity.

A Function Level Randomization Technique to Mitigate ROP Attacks

2013 ◽  
Vol 765-767 ◽  
pp. 871-878
Author(s):  
Liang Xiao ◽  
Xun Zhan ◽  
Tao Zheng
Keyword(s):  
Binary Code ◽  
Buffer Overflow ◽  
Target System ◽  
Limited Time ◽  
Brute Force ◽  
Address Space ◽  
Return Oriented Programming ◽  
Space Layout ◽  
Address Space Layout Randomization

ROP (Return-Oriented Programming) is a kind of attack technique which makes use of the existing binary code of target systems. ASLR (Address Space Layout Randomization) is widely used to protect systems from buffer-overflow attacks by introducing artificial diversity to software. With ASLR software can be immune from ROP attacks to some extent. Due to the fact that ASLR cant randomize base addresses of executables code segments and its utility on 32-bit architectures is limited by the number of bits available for address randomization, attackers can successfully exploit a target system by using brute force in limited time. Thus, we proposed FLR, a function level randomization technique to mitigate ROP attacks. FLR randomly permutes functions in executables, making attackers assumptions on executables incorrect. We implemented a prototype of FLR and randomized ten executables. ROP attacks succeeded without FLR and failed with FLR.

scholarly journals Design and Implementation of Fast Fault Detection in Cloud Infrastructure for Containerized IoT Services

Sensors ◽  
2020 ◽  
Vol 20 (16) ◽  
pp. 4592
Author(s):  
Hyunsik Yang ◽  
Younghan Kim
Keyword(s):  
Fault Detection ◽  
Cloud Services ◽  
Performance Measurements ◽  
Cloud Infrastructure ◽  
V2v Communication ◽  
Computing Services ◽  
Vehicle To Vehicle ◽  
Industrial Iot ◽  
Mission Critical ◽  
The Internet Of Things

The container-based cloud is used in various service infrastructures as it is lighter and more portable than a virtual machine (VM)-based infrastructure and is configurable in both bare-metal and VM environments. The Internet-of-Things (IoT) cloud-computing infrastructure is also evolving from a VM-based to a container-based infrastructure. In IoT clouds, the service availability of the cloud infrastructure is more important for mission-critical IoT services, such as real-time health monitoring, vehicle-to-vehicle (V2V) communication, and industrial IoT, than for general computing services. However, in the container environment that runs on a VM, the current fault detection method only considers the container’s infra, thus limiting the level of availability necessary for the performance of mission-critical IoT cloud services. Therefore, in a container environment running on a VM, fault detection and recovery methods that consider both the VM and container levels are necessary. In this study, we analyze the fault-detection architecture in a container environment and designed and implemented a Fast Fault Detection Manager (FFDM) architecture using OpenStack and Kubernetes for realizing fast fault detection. Through performance measurements, we verified that the FFDM can improve the fault detection time by more than three times over the existing method.

Sign in / Sign up

Export Citation Format

Share Document