Mitigating Memory Randomization Weaknesses via Moving Target Defense
Aldossary, Sultan M.
In this dissertation, we address the weaknesses of address space layout randomization (ASLR). ASLR was proposed to make determining the address of a shared library more difficult, since each instance of the program is loaded at a random base address. However, when ASLR is implemented on a 32-bit system, an attacker can use a brute force attack to guess the address of the shared library. The main goal of the research described in this dissertation is to study the use of a dispatching algorithm and multiple back-end servers as a moving target defense technique to mitigate ASLR weaknesses. We present a probabilistic model for three types of attacks. First, we present a brute force attack when the number of servers is known. Second, we present a brute force attack when the number of servers is unknown. Then, we present the probability of the attacker’s success on both of the attacks. Next, we implement a system to mitigate those attacks, to measure the effect of implementing these defenses on performance, and to measure its effect on throughput, response time and CPU utilization. Finally, we analyze how the moving target defense helps in distributing the attack and increasing the attack surface. We demonstrate how increasing the attack surface affects system performance.