A Mathematical Model of Mitigating Memory Randomization Weakness via Moving Target Defense

被引:0
|
作者
Aldossary, Sultan [1 ,2 ]
Allen, William [1 ]
Zhang, Shengzhi [1 ]
机构
[1] Florida Inst Technol, Sch Comp, Melbourne, FL 32901 USA
[2] Prince Sattam Bin Abdulaziz Univ, Al Kharj, Saudi Arabia
来源
PROCEEDINGS 2017 INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND COMPUTATIONAL INTELLIGENCE (CSCI) | 2017年
关键词
Buffer overflow attack;
D O I
10.1109/CSCI.2017.338
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
The address space randomization technique was proposed to make determining the address of a shared library more difficult since each instance of the program is loaded into a random base address. However, when address space randomization layout (ASLR) is implemented on a 32-bit system, an attacker can use a brute force attack to guess the address of the shared library. The main goal of the research described in this paper is to study the use of a dispatching algorithm and multiple back-end servers as a moving target defense technique to mitigate ASLR weaknesses. First, we present a brute force attack when the number of servers is known. Second, we present a brute force attack when the number of servers is unknown. Last, we present the probability of the attacker's success on both of the attacks.
引用
收藏
页码:61 / 67
页数:7
相关论文
共 38 条
  • [1] A Novel Route Randomization Approach for Moving Target Defense
    Wang, Shaolei
    Zhou, Ying
    Guo, Ronghua
    Du, Jing
    Du, Jiawei
    2018 IEEE 18TH INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT), 2018, : 11 - 15
  • [2] A Software-Defined Approach for Mitigating Insider and External Threats via Moving Target Defense
    d'Ambrosio, Nicola
    Melluso, Emma
    Perrone, Gaetano
    Romano, Simon Pietro
    2023 IEEE CONFERENCE ON NETWORK FUNCTION VIRTUALIZATION AND SOFTWARE DEFINED NETWORKS, NFV-SDN, 2023, : 213 - 219
  • [3] Effectiveness of IP Address Randomization in Decoy-Based Moving Target Defense
    Clark, Andrew
    Sun, Kun
    Poovendran, Radha
    2013 IEEE 52ND ANNUAL CONFERENCE ON DECISION AND CONTROL (CDC), 2013, : 678 - 685
  • [4] A Signaling Game Model for Moving Target Defense
    Feng, Xiaotao
    Zheng, Zizhan
    Cansever, Derya
    Swami, Ananthram
    Mohapatra, Prasant
    IEEE INFOCOM 2017 - IEEE CONFERENCE ON COMPUTER COMMUNICATIONS, 2017,
  • [5] A Model for Analyzing the Effectiveness of Moving Target Defense
    Zhao, Guangsheng
    Xiong, Xinli
    Wu, Huaying
    ICCNS 2018: PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON COMMUNICATION AND NETWORK SECURITY, 2018, : 17 - 21
  • [6] Mitigating Crossfire Attacks using SDN-based Moving Target Defense
    Aydeger, Abdullah
    Saputro, Nico
    Akkaya, Kemal
    Rahman, Mohammad
    2016 IEEE 41ST CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN), 2016, : 627 - 630
  • [7] Mitigating communications threats in decentralized federated learning through moving target defense
    Beltran, Enrique Tomas Martinez
    Sanchez, Pedro Miguel Sanchez
    Bernal, Sergio Lopez
    Bovet, Gerome
    Perez, Manuel Gil
    Perez, Gregorio Martinez
    Celdran, Alberto Huertas
    WIRELESS NETWORKS, 2024, 30 (09) : 7407 - 7421
  • [8] Moving target defense of routing randomization with deep reinforcement learning against eavesdropping attack
    Xu, Xiaoyu
    Hu, Hao
    Liu, Yuling
    Tan, Jinglei
    Zhang, Hongqi
    Song, Haotian
    DIGITAL COMMUNICATIONS AND NETWORKS, 2022, 8 (03) : 373 - 387
  • [9] Moving target defense of routing randomization with deep reinforcement learning against eavesdropping attack
    Xiaoyu Xu
    Hao Hu
    Yuling Liu
    Jinglei Tan
    Hongqi Zhang
    Haotian Song
    Digital Communications and Networks, 2022, 8 (03) : 373 - 387
  • [10] CONDENSE: A Moving Target Defense Approach for Mitigating Cache Side-Channel Attacks
    Dai, Chenxi
    Adegbija, Tosiron
    IEEE CONSUMER ELECTRONICS MAGAZINE, 2020, 9 (03) : 114 - 119
1234