HardScope : Run-time variable scope enforcement as a defense against data-oriented programming attacks



Title: HardScope : Run-time variable scope enforcement as a defense against data-oriented programming attacks
Author: Lehikoinen, Aaro
Contributor: University of Helsinki, Faculty of Science, Department of Computer Science
Publisher: Helsingin yliopisto
Date: 2018
URI: http://urn.fi/URN:NBN:fi:hulib-201804131675
Thesis level: master's thesis
Abstract: Memory errors exist in software written in memory-unsafe languages like C. They introduce severe vulnerabilities in software. Vulnerabilities may even be exploited by attackers over the Internet and sometimes they can be used to gain complete control of computer systems. Exploitation of memory errors is usually not trivial, but requires building an attack that corrupts the memory carefully to achieve the attacker’s goal. Multiple defenses against memory attacks exist and modern systems have complete defenses in place against certain attack classes. Not all defenses can be applied to all systems, and they do not protect against all possible attacks. Data-Oriented Programming (DOP) attacks are a new class of attacks that utilize the target program’s existing code to perform malicious operations. DOP differs from other attacks like Return-Oriented Programming (ROP) by avoiding control-flow violations, making it impossible to prevent with control-flow defenses. We analyze existing DOP attacks and determine that their expressiveness in real-world programs requires violating C variable visibility rules. We introduce Run-time Scope Enforcement (RSE), a defense that enforces variable visibility rules at run time. In this thesis, we introduce HardScope, our hardware-assisted implementation of RSE. HardScope has an instrumentation engine that instruments C programs with code that maintains variable visibility rules during execution. The run-time platform is based on RISC-V and consists of instruction set extensions and new processor logic that performs the enforcement. Evaluation shows that HardScope has low performance overhead and that it defends against existing DOP attacks.
Discipline: Computer science
