Details
| Originalsprache | Englisch |
|---|---|
| Titel des Sammelwerks | LCTES 2023 |
| Untertitel | Proceedings of the 24th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems |
| Herausgeber/-innen | Bernhard Egger, Dongyoon Lee |
| Herausgeber (Verlag) | Association for Computing Machinery (ACM) |
| Seiten | 64-75 |
| Seitenumfang | 12 |
| ISBN (elektronisch) | 9798400701740 |
| Publikationsstatus | Veröffentlicht - 13 Juni 2023 |
| Veranstaltung | 24th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems, LCTES 2023 - Orlando, USA / Vereinigte Staaten Dauer: 18 Juni 2023 → 18 Juni 2023 |
Publikationsreihe
| Name | Proceedings of the ACM SIGPLAN Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES) |
|---|
Abstract
Existing debloating techniques designed to prevent buffer-overflow exploits through return-oriented programming do not differentiate roles within a process or binary, allowing all threads access to the full program functionality. For example, a worker thread that handles client connections (highest attack exposure) still has access to all the code that the management thread needs (highest potential fallout). We introduce thread-level attack-surface reduction (TLASR), a dynamic, context-aware approach that eliminates unused code on a thread level. For this, we (permanently or temporarily) eliminate parts of the text segment (both in shared libraries and the main binary) and use the mmview Linux extension to support multiple text-segment views in a single process. We reduce the executable code visible from a single thread in MariaDB, Memcached, OpenSSH, and Bash by 84 to 98.4 percent. As a result, the number of ROP gadgets decreases significantly (78–97 %), with TLASR rendering an auto-ROP utility ineffective in all investigated benchmarks and eliminating all CVE-related functions ever reported for glibc in 97 percent of the cases.
ASJC Scopus Sachgebiete
- Informatik (insg.)
- Software
Zitieren
- Standard
- Harvard
- Apa
- Vancouver
- BibTex
- RIS
LCTES 2023 : Proceedings of the 24th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems. Hrsg. / Bernhard Egger; Dongyoon Lee. Association for Computing Machinery (ACM), 2023. S. 64-75 (Proceedings of the ACM SIGPLAN Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES)).
Publikation: Beitrag in Buch/Bericht/Sammelwerk/Konferenzband › Aufsatz in Konferenzband › Forschung › Peer-Review
}
TY - GEN
T1 - Thread-Level Attack-Surface Reduction
AU - Rommel, Florian
AU - Dietrich, Christian
AU - Ziegler, Andreas
AU - Ostapyshyn, Illia
AU - Lohmann, Daniel
N1 - Funding Information: We thank the anonymous reviewers for their valuable feedback and dedicated efforts in helping us improve this paper. TLASR was funded by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) – 468988364, 501887536.
PY - 2023/6/13
Y1 - 2023/6/13
N2 - Existing debloating techniques designed to prevent buffer-overflow exploits through return-oriented programming do not differentiate roles within a process or binary, allowing all threads access to the full program functionality. For example, a worker thread that handles client connections (highest attack exposure) still has access to all the code that the management thread needs (highest potential fallout). We introduce thread-level attack-surface reduction (TLASR), a dynamic, context-aware approach that eliminates unused code on a thread level. For this, we (permanently or temporarily) eliminate parts of the text segment (both in shared libraries and the main binary) and use the mmview Linux extension to support multiple text-segment views in a single process. We reduce the executable code visible from a single thread in MariaDB, Memcached, OpenSSH, and Bash by 84 to 98.4 percent. As a result, the number of ROP gadgets decreases significantly (78–97 %), with TLASR rendering an auto-ROP utility ineffective in all investigated benchmarks and eliminating all CVE-related functions ever reported for glibc in 97 percent of the cases.
AB - Existing debloating techniques designed to prevent buffer-overflow exploits through return-oriented programming do not differentiate roles within a process or binary, allowing all threads access to the full program functionality. For example, a worker thread that handles client connections (highest attack exposure) still has access to all the code that the management thread needs (highest potential fallout). We introduce thread-level attack-surface reduction (TLASR), a dynamic, context-aware approach that eliminates unused code on a thread level. For this, we (permanently or temporarily) eliminate parts of the text segment (both in shared libraries and the main binary) and use the mmview Linux extension to support multiple text-segment views in a single process. We reduce the executable code visible from a single thread in MariaDB, Memcached, OpenSSH, and Bash by 84 to 98.4 percent. As a result, the number of ROP gadgets decreases significantly (78–97 %), with TLASR rendering an auto-ROP utility ineffective in all investigated benchmarks and eliminating all CVE-related functions ever reported for glibc in 97 percent of the cases.
KW - binary tailoring
KW - debloating
KW - return-oriented programming
UR - http://www.scopus.com/inward/record.url?scp=85164293650&partnerID=8YFLogxK
U2 - 10.1145/3589610.3596281
DO - 10.1145/3589610.3596281
M3 - Conference contribution
AN - SCOPUS:85164293650
T3 - Proceedings of the ACM SIGPLAN Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES)
SP - 64
EP - 75
BT - LCTES 2023
A2 - Egger, Bernhard
A2 - Lee, Dongyoon
PB - Association for Computing Machinery (ACM)
T2 - 24th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems, LCTES 2023
Y2 - 18 June 2023 through 18 June 2023
ER -