AsiaIPEX is a one-stop-shop for players in the IP industry, facilitating IP trade and connection to the IP world. Whether you are a patent owner interested in selling your IP, or a manufacturer looking to buy technologies to upgrade your operation, you will find the portal a useful resource.

Back to search results

Software Protects Against Code Reuse Attacks by Randomizing Code

Summary: Researchers at Purdue University have addressed these issues with a program designed for Unix-based systems, dubbed Marlin. Marlin takes a finer-grained approach to randomizing a program's code, rearranging at the level of "function blocks". Unlike other programs, Marlin randomizes the code every time a program is executed, resulting in near 100 percent rearrangement of function blocks. Using Marlin, the researchers have succeeded in preventing an attack on a program with a known vulnerability. The researchers estimate that for common Linux programs, 2730 brute force attempts at 14.3 seconds per attempt are necessary for a successful attack. Marlin also reduces the cost on computer performance by performing all the necessary computations before a program is launched, averaging 0.87 seconds each for 131 common Linux programs.

Technology Benefits: Less susceptible to attacks than comparable softwareDoes not affect the speed of an application once loadedSuccessful even against vulnerable software

Technology Application: Computer Security

Detailed Technology Description: Elisa BertinoPurdue Computer ScienceDatabase & Information Security GroupCyber CenterCERIAS

*Abstract

*Background: Return Oriented Programming (ROP) attacks are a current threat to computer security. In an ROP attack, code existing in a computer application is appropriated for malicious purposes. In the attack, pieces of this existing code are located and strung together, allowing the attacker to perform any arbitrary computation. This problem has previously been addressed by randomizing the addresses of large segments of code in hope that the ROP attack cannot find the necessary code. Unfortunately, this current security method is susceptible to brute-force attacks, which 32-bit systems are particularly susceptible when compared to 64-bit systems. Current security programs can also have the disadvantages of requiring the source code, designed to run too infrequently, or decreasing overall computer speed and performance.

*Stage of Development: Prototype Testing

*Web Links: Purdue Office of Technology CommercializationPurdueInnovation and EntrepreneurshipElisa BertinoPurdue Computer ScienceDatabase & Information Security GroupCyber CenterCERIAS

Country/Region: USA

For more information, please click Here