PRIORITIZED RUNTIME ADDRESS RANDOMIZATION FOR BUFFER OVERFLOW EXTENUATION

Abstract

Today a majority of security exploits have a memory corruption component. These attacks depend on corrupting some process memory and either injecting a shellcode and executing that or using some system calls with malicious parameters to harm victim machine and to replicate. The existing approaches either provide insufficient randomness or require source code modification. Insufficient randomness allows attacker to use Brute-Force attacks and source code modification doesn’t seem to be viable solution for all the software available on the internet which are the biggest reservoir of the memory corruption attacks. In this paper we propose PriCryp, a prophylactic security technique that makes efficient and effective use of ASLR and ISR to provide prioritized cryptographic runtime code block randomization. Here we make key observation that system calls are almost always used in memory corruption attacks by the attackers. We make use of cryptographic algorithms to scramble data var...