Data Randomization

[Nytro]

Data Randomization

Cristian Cadar

Microsoft Research

Cambridge, UK

cristic@stanford.edu

Periklis Akritidis

Microsoft Research

Cambridge, UK

pa280@cl.cam.ac.uk

Manuel Costa

Microsoft Research

Cambridge, UK

manuelc@microsoft.com

Jean-Phillipe Martin

Microsoft Research

Cambridge, UK

jpmartin@microsoft.com

Miguel Castro

Microsoft Research

Cambridge, UK

mcastro@microsoft.com

Abstract

Attacks that exploit memory errors are still a serious

problem. We present data randomization, a new technique

that provides probabilistic protection against these

attacks by xoring data with random masks. Data randomization

uses static analysis to partition instruction

operands into equivalence classes: it places two operands

in the same class if they may refer to the same object in

an execution that does not violate memory safety. Then

it assigns a random mask to each class and it generates

code instrumented to xor data read from or written to

memory with the mask of the memory operand’s class.

Therefore, attacks that violate the results of the static

analysis have unpredictable results. We implemented

a data randomization prototype that compiles programs

without modifications and can preventmany attacks with

low overhead. Our prototype prevents all the attacks in

our benchmarks while introducing an average runtime

overhead of 11%(0%to 27%) and an average space overhead

below 1%.

Download:

research.microsoft.com/pubs/70626/tr-2008-120.pdf