ROP Defense in the Cloud through LIve Text Page-level Re-ordering - The LITPR System

Angelo Sapello, C. Jason Chiang, Jesse Elwell, Abhrajit Ghosh, Ayumu Kubota, Takashi Matsunaka

2017

Abstract

As cloud computing environments move towards securing against simplistic threats, adversaries are moving towards more sophisticated attacks such as ROP (Return Oriented Programming). In this paper we propose the LIve Text Page-level Re-ordering (LITPR) system for prevention of ROP-style attacks, and in particular the largely unaddressed Blind ROP (BROP) attacks, on applications running on cloud servers. ROP and BROP, respectively, bypass protections such as DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) that are offered by the Linux operating system, and can be used to perform arbitrary malicious actions against it. LITPR periodically randomizes the in-memory locations of application and kernel code at run time to ensure that both ROP- and BROP-style attacks are unable to succeed. This is a dramatic change relative to ASLR, which is a load-time randomization technique.

Paper Citation


in Harvard Style

Sapello A., Chiang C., Elwell J., Ghosh A., Kubota A. and Matsunaka T. (2017). ROP Defense in the Cloud through LIve Text Page-level Re-ordering - The LITPR System. In Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-243-1, pages 219-228. DOI: 10.5220/0006305402190228

in Bibtex Style

@conference{closer17,
author={Angelo Sapello and C. Jason Chiang and Jesse Elwell and Abhrajit Ghosh and Ayumu Kubota and Takashi Matsunaka},
title={ROP Defense in the Cloud through LIve Text Page-level Re-ordering - The LITPR System},
booktitle={Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER},
year={2017},
pages={219-228},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006305402190228},
isbn={978-989-758-243-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER
TI - ROP Defense in the Cloud through LIve Text Page-level Re-ordering - The LITPR System
SN - 978-989-758-243-1
AU - Sapello A.
AU - Chiang C.
AU - Elwell J.
AU - Ghosh A.
AU - Kubota A.
AU - Matsunaka T.
PY - 2017
SP - 219
EP - 228
DO - 10.5220/0006305402190228