Title: FFRR: a software diversity technique for defending against buffer overflow attacks

Authors: N. Raghu Kisore; K. Shiva Kumar

Addresses: Mahindra Ecole Centrale, 1A, Survey No. 62, Bahadurpally, Hyderabad, Telangana 500043, India; Mobis Technical Center of India (Hyundai Mobis R&D), Madhapur, Hyderabad, Telangana 500081, India

Abstract: To date, several software diversity techniques have been proposed as a defence against buffer overflow attacks. The existing diversity techniques sometimes rely on hardware support or modifications to the operating system, which makes them difficult to deploy. Further, the diversity is determined at compile, link or load time, making them vulnerable to brute force attacks and attacks based on information leakage. In this work we study and implement the function frame runtime randomisation (FFRR) technique (Shiva Kumar and Neelisetti, 2014), which generates variants of the program binary from a single variant of the source program at runtime. We implemented FFRR as a compile-time flag in GCC (C compiler), so it can be easily applied to legacy programs. FFRR incurs an average execution time overhead (SPEC CPU 2006) of 16%, while ASLR incurs an overhead of 21%.

Keywords: function frame; runtime randomisation; software security; software diversity; buffer overflows.

DOI: 10.1504/IJICS.2022.122913

International Journal of Information and Computer Security, 2022 Vol.18 No.1/2, pp.40 - 74

Received: 12 Feb 2019
Accepted: 20 Aug 2019

Published online: 17 May 2022
