Loading [a11y]/accessibility-menu.js
ASLR: How Robust Is the Randomness? | IEEE Conference Publication | IEEE Xplore

ASLR: How Robust Is the Randomness?


Abstract:

This paper examines the security provided by different implementations of Address Space Layout Randomization (ASLR). ASLR is a security mechanism that increases control-f...Show More

Abstract:

This paper examines the security provided by different implementations of Address Space Layout Randomization (ASLR). ASLR is a security mechanism that increases control-flow integrity by making it more difficult for an attacker to properly execute a buffer-overflow attack, even in systems with vulnerable software. The strength of ASLR lies in the randomness of the offsets it produces in memory layouts. We compare multiple operating systems, each compiled for two different hardware architectures, and measure the amount of entropy provided to a vulnerable application. Our paper is the first publication that we are aware of that quantitatively compares the entropy of different ASLR implementations. In addition, we provide a method for remotely assessing the efficacy of a particular security feature on systems that are otherwise unavailable for analysis, and highlight the need for independent evaluation of security mechanisms.
Date of Conference: 24-26 September 2017
Date Added to IEEE Xplore: 23 October 2017
ISBN Information:
Conference Location: Cambridge, MA, USA

Contact IEEE to Subscribe

References

References is not available for this document.