scholarly journals Address Space Layout Randomization Comparative Analysis on Windows 10 and Ubuntu 18.04 LTS

2021 ◽  
Vol 7 (1) ◽  
pp. 26
Author(s):  
Raquel Vázquez Díaz ◽  
Martiño Rivera-Dourado ◽  
Rubén Pérez-Jove ◽  
Pilar Vila Avendaño ◽  
José M. Vázquez-Naya
Keyword(s):  
Operating System ◽  
Comparative Analysis ◽  
Operating Systems ◽  
Memory Management ◽  
Address Space ◽  
Memory Protection ◽  
Partial Correlations ◽  
Feature Memory ◽  
Space Layout ◽  
Address Space Layout Randomization

Memory management is one of the main tasks of an Operating System, where the data of each process running in the system is kept. In this context, there exist several types of attacks that exploit memory-related vulnerabilities, forcing Operating Systems to feature memory protection techniques that make difficult to exploit them. One of these techniques is ASLR, whose function is to introduce randomness into the virtual address space of a process. The goal of this work was to measure, analyze and compare the behavior of ASLR on the 64-bit versions of Windows 10 and Ubuntu 18.04 LTS. The results have shown that the implementation of ASLR has improved significantly on these two Operating Systems compared to previous versions. However, there are aspects, such as partial correlations or a frequency distribution that is not always uniform, so it can still be improved.

scholarly journals A Review of Memory Errors Exploitation in x86-64

Computers ◽  
2020 ◽  
Vol 9 (2) ◽  
pp. 48
Author(s):  
Conor Pirry ◽  
Hector Marco-Gisbert ◽  
Carolyn Begg
Keyword(s):  
Operating System ◽  
New Record ◽  
Address Space ◽  
Memory Errors ◽  
Memory Error ◽  
Full View ◽  
Buffer Overflows ◽  
Space Layout ◽  
Almost All ◽  
Address Space Layout Randomization

Memory errors are still a serious threat affecting millions of devices worldwide. Recently, bounty programs have reached a new record, paying up to USD 2.5 million for one single vulnerability in Android and up to USD 2 million for Apple’s operating system. In almost all cases, it is common to exploit memory errors in one or more stages to fully compromise those devices. In this paper, we review and discuss the importance of memory error vulnerabilities, and more specifically stack buffer overflows to provide a full view of how memory errors are exploited. We identify the root causes that make those attacks possible on modern x86-64 architecture in the presence of modern protection techniques. We have analyzed how unsafe library functions are prone to buffer overflows, revealing that although there are secure versions of those functions, they are not actually preventing buffer overflows from happening. Using secure functions does not result in software free from vulnerabilities and it requires developers to be security-aware. To overcome this problem, we discuss the three main security protection techniques present in all modern operating system; the non-eXecutable bit (NX), the Stack Smashing Protector (SSP) and the Address Space Layout Randomization (ASLR). After discussing their effectiveness, we conclude that although they provide a strong level of protection against classical exploitation techniques, modern attacks can bypass them.

scholarly journals Resource management and security issues in mobile phone operating systems: A comparative analysis

2017 ◽  
Author(s):  
Khalid Mahmood Awan ◽  
Muhammad Waqar ◽  
Muhammad Faseeh ◽  
Farman Ullah ◽  
Muhammad Qaiser Saleem
Keyword(s):  
Operating System ◽  
Comparative Analysis ◽  
Mobile Phone ◽  
Mobile Phones ◽  
Operating Systems ◽  
Memory Management ◽  
Human Life ◽  
Main Memory ◽  
Handheld Device ◽  
Memory Cache

Nowadays Mobile phones are becoming more popular in our daily lives. Mobile technology has a great effect on human life. Our daily tasks are dependent on mobile devices. Memory Management (MM), Security and Performance plays an important role in every handheld device specially in mobile phones, which are very much dependent on their operating system (OS). These embedded operating systems are on the driving seat when we talk about efficient and useful memory management and secure handling. Three popular OS in mobile phones are Android, Windows and iOS (iPhone OS). Each OS has its own way of managing the memory and provide it to certain number of applications. Android is an open software available for the people to modify as per their needs. But Windows and iOS operating systems didn’t allow their software as open source. Researchers have done a large amount of work using different mechanisms and decision makings to develop new ways to manage the memory of these OS’s. This work shows a comparative analysis of different memory management and security related techniques in above three operating systems. In this paper, we present the analysis of memory management and security in mobile phone operating systems with respect to apps, main memory, cache memory and virtual memory. Also, we compare the overall performance of these OS’s in terms of MM, security concerns. This study will help in finding better operating system in terms of efficient memory management and security.

scholarly journals Resource management and security issues in mobile phone operating systems: A comparative analysis

2017 ◽  
Author(s):  
Khalid Mahmood Awan ◽  
Muhammad Waqar ◽  
Muhammad Faseeh ◽  
Farman Ullah ◽  
Muhammad Qaiser Saleem
Keyword(s):  
Operating System ◽  
Comparative Analysis ◽  
Mobile Phone ◽  
Mobile Phones ◽  
Operating Systems ◽  
Memory Management ◽  
Human Life ◽  
Main Memory ◽  
Handheld Device ◽  
Memory Cache

Nowadays Mobile phones are becoming more popular in our daily lives. Mobile technology has a great effect on human life. Our daily tasks are dependent on mobile devices. Memory Management (MM), Security and Performance plays an important role in every handheld device specially in mobile phones, which are very much dependent on their operating system (OS). These embedded operating systems are on the driving seat when we talk about efficient and useful memory management and secure handling. Three popular OS in mobile phones are Android, Windows and iOS (iPhone OS). Each OS has its own way of managing the memory and provide it to certain number of applications. Android is an open software available for the people to modify as per their needs. But Windows and iOS operating systems didn’t allow their software as open source. Researchers have done a large amount of work using different mechanisms and decision makings to develop new ways to manage the memory of these OS’s. This work shows a comparative analysis of different memory management and security related techniques in above three operating systems. In this paper, we present the analysis of memory management and security in mobile phone operating systems with respect to apps, main memory, cache memory and virtual memory. Also, we compare the overall performance of these OS’s in terms of MM, security concerns. This study will help in finding better operating system in terms of efficient memory management and security.

Linux Based Mobile Operating Systems

2011 ◽  
pp. 35-50
Author(s):  
Lee Chao
Keyword(s):  
Operating System ◽  
User Interface ◽  
Mobile Learning ◽  
Operating Systems ◽  
Memory Management ◽  
Process Management ◽  
Management Process ◽  
Interface Management ◽  
Device Management ◽  
History Of

In today’s mobile computing, Linux plays a significant role. The Linux kernel has been adopted by a variety of mobile operating systems to handle tasks such as device management, memory management, process management, networking, power management, application interface management, and user interface management. This chapter introduces Linux based mobile operating systems installed on various mobile devices. It first gives a brief introduction of the history of mobile Linux. Then, the chapter introduces the mobile Linux features that can be used to meet the mobile learning requirements. The last part of the chapter presents strategies on selecting a Linux based operating system for a particular mobile learning project.

scholarly journals Fine-grained address space layout randomization on program load

2017 ◽  
Vol 29 (6) ◽  
pp. 163-182
Author(s):  
A.R. Nurmukhametov ◽  
E.A. Zhabotinskiy ◽  
Sh. F. Kurmangaleev ◽  
S.S. Gaissaryan ◽  
A.V. Vishnyakov
Keyword(s):  
Address Space ◽  
Fine Grained ◽  
Program Load ◽  
Space Layout ◽  
Address Space Layout Randomization

Enhancing the Efficiency of Memory Management in a Super-Paging Environment by AMSQM

2010 ◽  
pp. 276-293
Author(s):  
Moshe Itshak ◽  
Yair Wiseman
Keyword(s):  
Operating System ◽  
Operating Systems ◽  
Memory Management ◽  
New Technique ◽  
Research Papers ◽  
Page Size ◽  
Replacement Decisions ◽  
Replacement Algorithms

The concept of Super-Paging has been wandering around for more than a decade. Super-Pages are supported by some operating systems. In addition, there are some interesting research papers that show interesting ideas how to intelligently integrate Super-Pages into modern operating systems; however, the page replacement algorithms used by the contemporary operating system even now use the old Clock algorithm which does not prioritize small or large pages based on their size. In this chapter an algorithm for page replacement in a Super-Page environment is presented. The new technique for page replacement decisions is based on the page size and other parameters; hence is appropriate for a Super-Paging environment.

A Function Level Randomization Technique to Mitigate ROP Attacks

2013 ◽  
Vol 765-767 ◽  
pp. 871-878
Author(s):  
Liang Xiao ◽  
Xun Zhan ◽  
Tao Zheng
Keyword(s):  
Binary Code ◽  
Buffer Overflow ◽  
Target System ◽  
Limited Time ◽  
Brute Force ◽  
Address Space ◽  
Return Oriented Programming ◽  
Space Layout ◽  
Address Space Layout Randomization

ROP (Return-Oriented Programming) is a kind of attack technique which makes use of the existing binary code of target systems. ASLR (Address Space Layout Randomization) is widely used to protect systems from buffer-overflow attacks by introducing artificial diversity to software. With ASLR software can be immune from ROP attacks to some extent. Due to the fact that ASLR cant randomize base addresses of executables code segments and its utility on 32-bit architectures is limited by the number of bits available for address randomization, attackers can successfully exploit a target system by using brute force in limited time. Thus, we proposed FLR, a function level randomization technique to mitigate ROP attacks. FLR randomly permutes functions in executables, making attackers assumptions on executables incorrect. We implemented a prototype of FLR and randomized ten executables. ROP attacks succeeded without FLR and failed with FLR.

Research on Operating System Security Technology

2014 ◽  
Vol 703 ◽  
pp. 294-297
Author(s):  
Ming Xin Zhao
Keyword(s):  
Operating System ◽  
Operating Systems ◽  
Address Space ◽  
Security Technology ◽  
Operation System ◽  
Kernel Module ◽  
Security Control ◽  
Safety And Reliability ◽  
Architecture Development ◽  
N Demand

This paper study three mainstream operating system,their kernel module on-demand loading mechanism, their safety and reliability measures, points out the weaknesses these operating systems have in the kernel module security control. Along with the study of two new operating system -- dynamic extensible operating system and virtual address space based on file operation system, make a prospects on the operating system architecture development

Fine-Grained Address Space Layout Randomization on Program Load

2018 ◽  
Vol 44 (5) ◽  
pp. 363-370 ◽  
Author(s):  
A. R. Nurmukhametov ◽  
E. A. Zhabotinskiy ◽  
Sh. F. Kurmangaleev ◽  
S. S. Gaissaryan ◽  
A. V. Vishnyakov
Keyword(s):  
Address Space ◽  
Fine Grained ◽  
Program Load ◽  
Space Layout ◽  
Address Space Layout Randomization
Sign in / Sign up

Export Citation Format

Share Document