Show simple item record

dc.contributor.advisorAllen, William
dc.contributor.authorAldossary, Sultan M.
dc.date.accessioned2019-04-04T13:29:55Z
dc.date.available2019-04-04T13:29:55Z
dc.date.created2017-12
dc.date.issued2018-12
dc.date.submittedDecember 2017
dc.identifier.urihttp://hdl.handle.net/11141/2763
dc.descriptionThesis (Ph.D.) - Florida Institute of Technology, 2018en_US
dc.description.abstractIn this dissertation, we address the problem of weakness of address space layout randomization. The address space randomization technique was proposed to make determining the address of a shared library more difficult since each instance of the program is loaded into a random base address. However, when address space randomization layout (ASLR) is implemented on a 32-bit system, an attacker can use a brute force attack to guess the address of the shared library.The main goal of the research described in this dissertation is to study the use of a dispatching algorithm and multiple back-end servers as a moving target defense technique to mitigate ASLR weaknesses. In this dissertation, we present a probabilistic model for three types of attacks. First, we present a brute force attack when the number of servers is known. Second, we present a brute force attack when the number of servers is unknown. Then, we present the probability of the attacker’s success on both of the attacks. Second, we implement a system to mitigate those attacks, to measure the effect of implementing these defenses on performance, and to measure its effect on throughput, response time and CPU utilization. Finally, we analyze how the moving target defense helps in distributing the attack and increasing the attack surface. We demonstrate how increasing the attack surface affects system performance.en_US
dc.format.mimetypeapplication/pdf
dc.language.isoen_USen_US
dc.rightsCC BY 4.0en_US
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/legalcodeen_US
dc.titleMitigating Memory Randomization Weaknesses via Moving Target Defenseen_US
dc.typeDissertationen_US
dc.date.updated2019-02-01T15:40:35Z
thesis.degree.nameDoctor of Philosophy in Computer Scienceen_US
thesis.degree.levelDoctoralen_US
thesis.degree.disciplineComputer Scienceen_US
thesis.degree.departmentComputer Engineering and Sciencesen_US
thesis.degree.grantorFlorida Institute of Technologyen_US
dc.type.materialtext


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record

CC BY 4.0
Except where otherwise noted, this item's license is described as CC BY 4.0