Randomized instruction set emulation

Tipo de publicación: Journal Article

Publicado en: ACM Transactions on Information and System Security (TISSEC)

  • Barrantes, Elena Gabriela
  • Ackley, David H
  • Forrest, Stephanie
  • Stefanovic, Darko

Investigadores del CITIC asociados a la publicación
Dra. E. Gabriela Barrantes Sliesarieva

Proyecto asociado a la publicación
Proyecto sombrilla

Palabras claves
  • Automated Diversity
  • randomized instruction sets
  • software diversity

Injecting binary code into a running program is a common form of attack. Most defenses employ a “guard the doors” approach, blocking known mechanisms of code injection. Randomized instruction set emulation (RISE) is a complementary method of defense, one that performs a hidden randomization of an application's machine code. If foreign binary code is injected into a program running under RISE, it will not be executable because it will not know the proper randomization. The paper describes and analyzes RISE, describing a proof-of-concept implementation built on the open-source Valgrind IA32-to-IA32 translator. The prototype effectively disrupts binary code injection attacks, without requiring recompilation, linking, or access to application source code. Under RISE, injected code (attacks) essentially executes random code sequences. Empirical studies and a theoretical model are reported which treat the effects of executing random code on two different architectures (IA32 and PowerPC). The paper discusses possible extensions and applications of the RISE technique in other contexts.


Datos bibliográficos
Cita bibliográfica
Randomized instruction set emulation