Write a Blog >>
VEE 2017
Sat 8 - Sun 9 April 2017 Xi'an, China
VEE 2017 (series) / Session 4 /

RERANZ: A Light-Weight Virtual Machine to Mitigate Memory Disclosure Attacks

Zhe Wang, Chenggang Wu, Jianjun Li, Yuanming Lai, Xiangyu Zhang, Wei-Chung Hsu, Yueqiang Cheng
VEE 2017 Session 4
Sun 9 Apr 2017 09:30 - 10:00 at Zhu Que Room - Security Chair(s): Maoni Stephens

Recent code reuse attacks are able to circumvent various address space layout randomization (ASLR) techniques by exploiting memory disclosure vulnerabilities. To mitigate sophisticated code reuse attacks, we proposed a light-weight virtual machine, RERANZ, which deploys a novel continuous binary code re-randomization to mitigate memory disclosure oriented attacks. In order to meet security and performance goals, costly code randomization operations are outsourced to a separate process, called the “shuffling process”. The shuffling process continuously flushed the old code and replaced it with a fine-grained randomized code variant. RERANZ repeats the process each time an adversary might obtain the information and upload a payload. Our performance evaluation shows that RERANZ Virtual Machine incurs a very low performance overhead. The security evaluation shows that RERANZ successfully protect the Nginx web server against the Blind-ROP attack.

small-avatar
Zhe Wang
State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences
Chenggang Wu
Chenggang Wu
Institute of Computing Technology, Chinese Academy of Science
China
small-avatar
Jianjun Li
State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences
small-avatar
Yuanming Lai
State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences
Xiangyu Zhang
Xiangyu Zhang
Purdue University
small-avatar
Wei-Chung Hsu
Dept. Computer Science & Information Engineering, National Taiwan University
small-avatar
Yueqiang Cheng
Acetti Software

Sun 9 Apr
Times are displayed in time zone: Azores change

09:00 - 10:30: SecuritySession 4 at Zhu Que Room
Chair(s): Maoni Stephens
09:00 - 09:30
Talk		Security analysis of encrypted virtual machines
Session 4
Felicitas HetzeltTechnical University of Berlin, Robert Buhren
09:30 - 10:00
Talk		RERANZ: A Light-Weight Virtual Machine to Mitigate Memory Disclosure Attacks
Session 4
Zhe WangState Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Chenggang WuInstitute of Computing Technology, Chinese Academy of Science, Jianjun LiState Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Yuanming LaiState Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Xiangyu ZhangPurdue University, Wei-Chung HsuDept. Computer Science & Information Engineering, National Taiwan University, Yueqiang ChengAcetti Software
10:00 - 10:30
Talk		Using OS Design Patterns to Provide Reliability and Security as-a-Service for VM-based Clouds
Session 4
Zachary J. EstradaUniversity of Illinois, Rose-Hulman Institute of Technology, Read SpraberyUniversity of Illinois, Lok YanAir Force Research Laboratory, Zhongzhi YuUniversity of Illinois, Roy CampbellUniversity of Illinois, Zbigniew KalbarczykUniversity of Illinois, Ravishankar K. IyerUniversity of Illinois