Skip to main content
Conference Proceedings

Marlin: A fine grained randomization approach to defend against ROP attacks

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2013) 7873 LNCS 293-306
DOI: 10.1007/978-3-642-38631-2_22
31Citations
Citations of this article
26Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Code-reuse attacks, such as return-oriented programming (ROP), bypass defenses against code injection by repurposing existing executable code toward a malicious end. A common feature of these attacks is the reliance on the knowledge of the layout of the executable code. We propose a fine grained randomization based approach that modifies the layout of executable code and hinders code-reuse attack. Our solution, Marlin, randomizes the internal structure of the executable code, thereby denying the attacker the necessary a priori knowledge of instruction addresses for constructing the desired exploit payload. Our approach can be applied to any ELF binary and every execution of this binary uses a different randomization. Our work shows that such an approach is feasible and significantly increases the level of security against code-reuse based attacks. © 2013 Springer-Verlag.

Author supplied keywords

Cite

CITATION STYLE

APA

Gupta, A., Kerr, S., Kirkpatrick, M. S., & Bertino, E. (2013). Marlin: A fine grained randomization approach to defend against ROP attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7873 LNCS, pp. 293–306). https://doi.org/10.1007/978-3-642-38631-2_22

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free