Software diversity evaluation method based on the properties of ROP/JOP gadgets

In order to reduce the risk of rapid spread of homogeneous attacks in network systems, and enhance network and software security, software diversification technologies are applied widely nowadays. Software diversification aims to generate functionally equivalent but internally changed program variant...

Bibliographic Details
Main Authors: Yuning CHI, Yunfei GUO, Yawen WANG, Hongchao HU
Format: Article
Language: English
Published: POSTS&TELECOM PRESS Co., LTD 2022-12-01
Series: 网络与信息安全学报
Subjects:
Online Access: http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022086
author Yuning CHI
Yunfei GUO
Yawen WANG
Hongchao HU
collection DOAJ
description In order to reduce the risk of rapid spread of homogeneous attacks in network systems and to enhance network and software security, software diversification technologies are now widely applied. Software diversification aims to generate functionally equivalent but internally changed program variants, thereby altering the single operating environment and mitigating homogenization attacks. The existing evaluation index for diversification techniques, the ROP gadget survival rate, does not directly reflect the security impact, and evaluation relies on this single method. To evaluate the effectiveness of diversification methods more comprehensively, a software diversification evaluation method based on the properties of ROP/JOP gadgets is proposed. By analyzing common code reuse attacks, it turns abstract quantification into concrete indicators and evaluates the security gain and effect of diversification methods from three aspects: space, time and quality. The method first discusses how diversification techniques affect ROP/JOP attacks according to three gadget properties: similarity, damage degree and availability. Nine diversification methods, such as instruction replacement, NOP insertion and control flow flattening, are used to diversify the GNU coreutils assembly and generate diversified assemblies. Experiments based on the gadget properties are carried out on the diversified assemblies, and the effectiveness of the different diversification methods and their impact on attacks are evaluated according to the experimental results. The experimental results show that this method can accurately evaluate the security gain of software diversification methods: diversification increases the attack chain space required by a ROP/JOP attack, lengthens the time needed to construct the attack chain, and lowers the attack success rate. The effects of different diversification methods differ, and the results have a guiding role for follow-up research on diversification technologies with higher security gains.
format Article
id doaj-art-46ba97de824443da8ef321fd8f38d4d9
institution Kabale University
issn 2096-109X
language English
publishDate 2022-12-01
publisher POSTS&TELECOM PRESS Co., LTD
record_format Article
series 网络与信息安全学报
title Software diversity evaluation method based on the properties of ROP/JOP gadgets
topic software diversification
ROP/JOP attack
gadgets properties
safety gain evaluation
url http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022086