Traditional software development favors a one-size-fits-all mentality, which results in software of ever-increasing complexity packed with features that often go unused. This creates powerful resources for attacks as well as obstacles for defenses: critical gadgets for code-reuse attacks, added complexity for analysis, vulnerabilities for crafting and escalating exploits, etc.
However, studies have shown that most end users tend to use only a fraction of the code available in memory, across all layers of the software execution stack: application, library, interpreter, OS, and hardware. Complex software often contains features the developers intended for all deployment contexts, but these are often unused in practice and expose security risks in the average use case. In fact, clients must bear the burden of carrying all the features in the code with no viable method to adapt, disable or remove them. This extraneous code, called bloated code, may contain its own bugs and vulnerabilities, broadening the overall attack surface. For example, unused code introduces critical gadgets for code-reuse attacks such as stack pivoting, allowing an attacker to trigger the execution of the gadgets in a Return-Oriented Programming (ROP) payload.
This dissertation addresses the pressing need for a comprehensive system to efficiently reduce the attack surface by tackling both the cause (i.e. the one-size-fits-all property of software) and the effect (i.e. security-critical gadgets) of the problem. For the former, we present a system that performs software specialization at both the source code and binary levels by removing unused code from a code module, leaving only the code necessary for a particular deployment context in memory. For the latter, we introduce a stack pointer-centric integrity model and an enforcement system designed to remove the availability of gadgets for performing stack pivoting and to limit the diverse set of gadgets usable in code-reuse attacks. Our results show that our approach can remove as much as 86% of code at the source code level and as much as 20.81% of code from binaries, while effectively mitigating and limiting security-sensitive gadgets with a low performance overhead of 5.1%.
Committee: Ghose, Kanad; Ponomarev, Dmitry; Yan, Guanhua; Lu, Shuxia (Susan)
School: State University of New York at Binghamton
School Location: United States -- New York
Source: DAI-B 82/2(E), Dissertation Abstracts International