SaTC: CORE: Small: Hardware-Assisted Detection of Memory Disclosure Attacks

Information

  • Award Id
    2417055
  • Award Effective Date
    10/1/2024
  • Award Expiration Date
    9/30/2027
  • Award Amount
    $ 599,978.00
  • Award Instrument
    Standard Grant

SaTC: CORE: Small: Hardware-Assisted Detection of Memory Disclosure Attacks

Creating effective security measures to defend against memory corruption attacks, which can seriously jeopardize the security and stability of a system, has been a persistent challenge over the past two decades. One proposed mitigation strategy is code randomization, where the system scrambles the locations of code and data in memory to prevent attackers from gaining advance knowledge of the memory contents. Our focus is on a particular type of attack called JIT-ROP, because it can bypass the protection of code randomization. The success of this research has the potential to revolutionize JIT-ROP countermeasures and shift the balance of memory attack and counter-attack to the advantage of defenders. Additionally, this project will develop new educational tools to enhance hands-on cybersecurity courses, benefiting students significantly. The PI is committed to engaging minority and under-served populations in cutting-edge research, thereby promoting diversity and inclusion in the field. Collaborations with the open-source community will ensure wide dissemination of the research, fostering further innovation and progress in cybersecurity.

JIT-ROP exploits memory disclosure vulnerabilities to dynamically harvest reusable code gadgets and construct attack payloads on the fly. To counteract JIT-ROP attacks, researchers have developed many execute-only memory (XoM) prototypes, which prevent dynamic reading of memory pages. While the concept of XoM is promising in theory, existing solutions face significant challenges in reliability and compatibility, limiting their practical application. These challenges include the inability to handle mixed code and data, incompatibility with commercial off-the-shelf programs, and substantial runtime overhead. This project proposes an innovative approach using a modern CPU feature, Memory Protection Keys, to establish efficient memory permission control mechanisms that accommodate mixed code and data. The first task investigates how to reliably retrofit XoM into stripped binaries on the x86-64 platform. Unlike existing methods, this approach enables legitimate data reads in executable memory without relying on error-prone binary rewriting. The second task explores integrating unreadable "booby traps" into JIT-compiled code. These traps act as a novel mechanism to detect JIT-ROP intrusions during runtime memory disclosure, providing timely alerts to potential attacks. In summary, this research aims to overcome the limitations of current XoM solutions, paving the way for more effective JIT-ROP countermeasures.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

  • Program Officer
    Karen Karavanic, kkaravan@nsf.gov, 7032922594
  • Min Amd Letter Date
    8/9/2024
  • Max Amd Letter Date
    8/9/2024
  • ARRA Amount

Institutions

  • Name
    Tulane University
  • City
    NEW ORLEANS
  • State
    LA
  • Country
    United States
  • Address
    6823 SAINT CHARLES AVE
  • Postal Code
    701185665
  • Phone Number
    5048654000

Investigators

  • First Name
    Jiang
  • Last Name
    Ming
  • Email Address
    jming@tulane.edu
  • Start Date
    8/9/2024 12:00:00 AM

Program Element

  • Text
    Special Projects - CNS
  • Code
    171400

Program Reference

  • Text
    SaTC: Secure and Trustworthy Cyberspace
  • Text
    SMALL PROJECT
  • Code
    7923
  • Text
    EXP PROG TO STIM COMP RES
  • Code
    9150