Address-Space Randomization for Windows Systems

Miami Beach, Florida, USA December 11-December 15

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.10

22nd Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Lixin Li Articles by James E. Just Articles by R. Sekar

	ASCII Text	x
	Lixin Li, James E. Just, R. Sekar, "Address-Space Randomization for Windows Systems," Computer Security Applications Conference, Annual, pp. 329-338, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006.

	BibTex	x
	@article{ 10.1109/ACSAC.2006.10, author = {Lixin Li and James E. Just and R. Sekar}, title = {Address-Space Randomization for Windows Systems}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2006}, issn = {1063-9527}, pages = {329-338}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.10}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Address-Space Randomization for Windows Systems SN - 1063-9527 SP329 EP338 A1 - Lixin Li, A1 - James E. Just, A1 - R. Sekar, PY - 2006 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Lixin Li, Global InfoTek, Inc., USA

James E. Just, Global InfoTek, Inc., USA

R. Sekar, Stony Brook University, USA

Address-space randomization (ASR) is a promising solution to defend against memory corruption attacks that have contributed to about three-quarters of USCERT advisories in the past few years. Several techniques have been proposed for implementing ASR on Linux, but its application to Microsoft Windows, the largest monoculture on the Internet, has not received as much attention. We address this problem in this paper and describe a solution that provides about 15-bits of randomness in the locations of all (code or data) objects. Our randomization is applicable to all processes on a Windows box, including all core system services, as well as applications such as web browsers, office applications, and so on. Our solution has been deployed continuously for about a year on a desktop system used daily, and is robust enough for production use.

Citation:

Lixin Li, James E. Just, R. Sekar, "Address-Space Randomization for Windows Systems," acsac, pp.329-338, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.