Software for Protection Against Code Reuse Attackers

Back to all technologies
Download as PDF
2014-BERT-66795
Code reuse attacks, such as return-oriented programming, are a class of buffer overflow attacks that repurpose existing executable code towards malicious purposes. These attacks bypass defenses by chaining sequences of instructions or "gadgets" together, which rely on the knowledge of memory layout of the executable code to execute the desired attack logic.

Researchers at Purdue University have developed technology to defend software code from code-reuse attacks. This technology randomizes the internal structure of the executable code by randomly shuffling the function blocks in the target binary. This tool, called Marlin, implements a fine grained randomization based approach by modifying the layout of the executable code, thereby hindering code-reuse attack. Subsequently, the attacker is blocked from necessary knowledge of instruction addresses for code-reuse attacks. This technology can be applied to any ELF binary and every execution of it uses a different randomization.

Advantages:
-Prevents code-reuse attacks on software code
-Randomizes the internal structure of code by using different randomizations for each execution

Potential Applications:
-Software
-Cybersecurity
Jun 22, 2015
Copyright
United States
TXu 1-988-256
Jun 22, 2015
Purdue Office of Technology Commercialization
1801 Newman Road
West Lafayette, IN 47906

Phone: (765) 588-3475
Fax: (765) 463-3486
Email: otcip@prf.org