research-article

Decker: Attack Surface Reduction via On-Demand Code Mapping

Authors:
Chris Porter

Georgia Institute of Technology, USA

Georgia Institute of Technology, USA
View Profile

,
Sharjeel Khan

Georgia Institute of Technology, USA

Georgia Institute of Technology, USA
View Profile

,
Santosh Pande

Georgia Institute of Technology, USA

Georgia Institute of Technology, USA
View Profile

ASPLOS 2023: Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2January 2023Pages 192–206https://doi.org/10.1145/3575693.3575734

Published:30 January 2023Publication History

Related Artifact: Decker January 2023 software https://doi.org/10.5281/zenodo.7319957

ASPLOS 2023: Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2

Pages 192–206

ABSTRACT

Modern code reuse attacks take full advantage of bloated software. Attackers piece together short sequences of instructions in otherwise benign code to carry out malicious actions. Mitigating these reusable code snippets, known as gadgets, has become one of the prime focuses of attack surface reduction research. While some debloating techniques remove parts of software that contain such gadgets, other methods focus on making them unusable by breaking up chains of them, thereby substantially diminishing the possibility of code reuse attacks. Third-party libraries are another main focus, because they exhibit a high number of vulnerabilities, but recently, techniques have emerged that deal with whole applications. Attack surface reduction efforts have typically tried to eliminate such attacks by subsetting (debloating) the application, e.g. via user-specified inputs, configurations, or features to achieve high gadget reductions. However, such techniques suffer from the limitations of soundness, i.e. the software might crash during no-attack executions on regular inputs, or they may be conservative and leave a large amount of attack surface untackled.

In this work we present a general, whole-program attack surface reduction technique called Decker that significantly reduces gadgets which are accessible to an attacker during an execution phase (called a deck) and has minor performance degradation. Decker requires no user inputs and leaves all features intact. It uses static analysis to determine key function sets that should be enabled/disabled at runtime. The runtime system then enables these function sets at the specified program points during execution. On SPEC CPU 2017, our framework achieves 73.2% total gadget reduction with 5.2% average slowdown. On 10 GNU coreutils applications, it achieves 87.2% reduction and negligible slowdown. On the nginx server it achieves 80.3% reduction with 2% slowdown. We also provide a gadget chain-breaking case study, including detailed JOP gadget metrics on both Linux and Windows, and show that our framework breaks the shell-spawning chain in all cases.

References

Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. 2005. Control-flow integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS 2005, Alexandria, VA, USA, November 7-11, 2005, Vijay Atluri, Catherine A. Meadows, and Ari Juels (Eds.). ACM, 340–353. https://doi.org/10.1145/1102120.1102165 Google ScholarDigital Library
S. Andersen and V. Abella. 2004. Data Execution Prevention: Changes to Functionality in Microsoft Windows XP Service Pack 2, Part 3: Memory Protection Technologies. http://technet.microsoft.com/en-us/library/bb457155.aspx Accessed: 2021 Oct 10 Google Scholar
Julian Bangert, Sergey Bratus, Rebecca Shapiro, Michael E. Locasto, Jason Reeves, Sean W. Smith, and Anna Shubina. 2013. ELFbac: Using the Loader Format for Intent-Level Semantics and Fine-Grained Protection. Dartmouth University. https://digitalcommons.dartmouth.edu/cs_tr/345 Google Scholar
Árpád Beszédes, Rudolf Ferenc, Tibor Gyimóthy, André Dolenc, and Konsta Karsisto. 2003. Survey of Code-size Reduction Methods. ACM Comput. Surv., 35, 3 (2003), Sept., 223–267. issn:0360-0300 https://doi.org/10.1145/937503.937504 Google ScholarDigital Library
Tyler K. Bletsch, Xuxian Jiang, and Vincent W. Freeh. 2011. Mitigating code-reuse attacks with control-flow locking. In Twenty-Seventh Annual Computer Security Applications Conference, ACSAC 2011, Orlando, FL, USA, 5-9 December 2011, Robert H’obbes’ Zakon, John P. McDermott, and Michael E. Locasto (Eds.). ACM, 353–362. https://doi.org/10.1145/2076732.2076783 Google ScholarDigital Library
Tyler K. Bletsch, Xuxian Jiang, Vincent W. Freeh, and Zhenkai Liang. 2011. Jump-oriented programming: a new class of code-reuse attack. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 22-24, 2011, Bruce S. N. Cheung, Lucas Chi Kwong Hui, Ravi S. Sandhu, and Duncan S. Wong (Eds.). ACM, 30–40. https://doi.org/10.1145/1966913.1966919 Google ScholarDigital Library
Bramwell Brizendine and Austin Babcock. 2021. Pre-built JOP Chains with the JOP ROCKET: Bypassing DEP without ROP. https://i.blackhat.com/asia-21/Thursday-Handouts/as-21-Brizendine-Babcock-Prebuilt-Jop-Chains-With-The-Jop-Rocket-wp.pdf Accessed: 2022 Jun 06 Google Scholar
Bramwell Brizendine and Austin Babcock. 2021. Shellcodeless JOP: Advanced Code-Reuse Attacks with Jump-Oriented Programming. https://files.athack.com/files/2021-12/AtHack-Advanced%20Code-Reuse%20Attacks%20Whitepaper_0.pdf?VersionId=D.HV08jcDUeclPb4FcIiC2jpOuK07GR8 Accessed: 2022 Jun 23 Google Scholar
Michael D. Brown, Matthew Pruett, Robert Bigelow, Girish Mururu, and Santosh Pande. 2021. Not so fast: understanding and mitigating negative impacts of compiler optimizations on code reuse gadget sets. Proc. ACM Program. Lang., 5, OOPSLA (2021), 1–30. https://doi.org/10.1145/3485531 Google ScholarDigital Library
2020. CallGraph.h. https://github.com/llvm/llvm-project/blob/llvmorg-11.0.0/llvm/include/llvm/Analysis/CallGraph.h Accessed: 2022 Nov 9 Google Scholar
Nicolas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross. 2015. Control-flow Bending: On the Effectiveness of Control-flow Integrity. In Proceedings of the 24th USENIX Conference on Security Symposium (SEC’15). USENIX Association, Berkeley, CA, USA. 161–176. isbn:978-1-931971-232 http://dl.acm.org/citation.cfm?id=2831143.2831154 Google Scholar
Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy. 2010. Return-oriented programming without returns. In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4-8, 2010, Ehab Al-Shaer, Angelos D. Keromytis, and Vitaly Shmatikov (Eds.). ACM, 559–572. https://doi.org/10.1145/1866307.1866370 Google ScholarDigital Library
Jonathan Corbet. 2022. Indirect branch tracking for Intel CPUs. https://lwn.net/Articles/889475/ Accessed: 2022 Oct 21 Google Scholar
2021. Coreutils - GNU core utilities. https://www.gnu.org/software/coreutils/ Accessed: 2021 Jul 27 Google Scholar
Standard Performance Evaluation Corporation. 2021. SPEC CPU 2017. https://www.spec.org/cpu2017/ Accessed: 2021 Jul 27 Google Scholar
John Criswell, Nathan Dautenhahn, and Vikram S. Adve. 2014. KCoFI: Complete Control-Flow Integrity for Commodity Operating System Kernels. In 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18-21, 2014. IEEE Computer Society, 292–307. https://doi.org/10.1109/SP.2014.26 Google ScholarDigital Library
cxreet. 2021. Razor. https://github.com/cxreet/razor Accessed: 2021 Sept 30 Google Scholar
Saumya K. Debray, William Evans, Robert Muth, and Bjorn De Sutter. 2000. Compiler Techniques for Code Compaction. ACM Trans. Program. Lang. Syst., 22, 2 (2000), March, 378–415. issn:0164-0925 https://doi.org/10.1145/349214.349233 Google ScholarDigital Library
Ren Ding, Chenxiong Qian, Chengyu Song, William Harris, Taesoo Kim, and Wenke Lee. 2017. Efficient Protection of Path-Sensitive Control Security. In 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16-18, 2017, Engin Kirda and Thomas Ristenpart (Eds.). USENIX Association, 131–148. https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/ding Google Scholar
Tyler Durden. 2002. Bypassing PaX ASLR protection. http://phrack.org/issues/59/9.html Accessed: 2021 Sept 14 Google Scholar
Úlfar Erlingsson, Martín Abadi, Michael Vrable, Mihai Budiu, and George C. Necula. 2006. XFI: Software Guards for System Address Spaces. In 7th Symposium on Operating Systems Design and Implementation (OSDI ’06), November 6-8, Seattle, WA, USA, Brian N. Bershad and Jeffrey C. Mogul (Eds.). USENIX Association, 75–88. http://www.usenix.org/events/osdi06/tech/erlingsson.html Google Scholar
Isaac Evans, Fan Long, Ulziibayar Otgonbaatar, Howard Shrobe, Martin Rinard, Hamed Okhravi, and Stelios Sidiroglou-Douskos. 2015. Control Jujutsu: On the Weaknesses of Fine-Grained Control Flow Integrity. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security (CCS ’15). ACM, New York, NY, USA. 901–913. isbn:978-1-4503-3832-5 https://doi.org/10.1145/2810103.2813646 Google ScholarDigital Library
Dmitry Evtyushkin, Dmitry V. Ponomarev, and Nael B. Abu-Ghazaleh. 2016. Jump over ASLR: Attacking branch predictors to bypass ASLR. In 49th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2016, Taipei, Taiwan, October 15-19, 2016. IEEE Computer Society, 40:1–40:13. https://doi.org/10.1109/MICRO.2016.7783743 Google ScholarCross Ref
Michael Franz and Thomas Kistler. 1997. Slim Binaries. Commun. ACM, 40, 12 (1997), Dec., 87–94. issn:0001-0782 https://doi.org/10.1145/265563.265576 Google ScholarDigital Library
Xinyang Ge, Weidong Cui, and Trent Jaeger. 2017. GRIFFIN: Guarding Control Flows Using Intel Processor Trace. In Proceedings of the Twenty-Second International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2017, Xi’an, China, April 8-12, 2017, Yunji Chen, Olivier Temam, and John Carter (Eds.). ACM, 585–598. https://doi.org/10.1145/3037697.3037716 Google ScholarDigital Library
2021. glibc. https://www.gnu.org/software/libc/ Accessed: 2021 Oct 10 Google Scholar
Kihong Heo, Woosuk Lee, Pardis Pashakhanloo, and Mayur Naik. 2018. Effective Program Debloating via Reinforcement Learning. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS ’18). ACM, New York, NY, USA. 380–394. isbn:978-1-4503-5693-0 https://doi.org/10.1145/3243734.3243838 Google ScholarDigital Library
Hong Hu, Chenxiong Qian, Carter Yagemann, Simon Pak Ho Chung, William R. Harris, Taesoo Kim, and Wenke Lee. 2018. Enforcing Unique Code Target Property for Control-Flow Integrity. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS ’18). ACM, New York, NY, USA. 1470–1486. isbn:978-1-4503-5693-0 https://doi.org/10.1145/3243734.3243797 Google ScholarDigital Library
Mustakimur Khandaker, Wenqing Liu, Abu Naser, Zhi Wang, and Jie Yang. 2019. Origin-sensitive Control Flow Integrity. In 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, August 14-16, 2019, Nadia Heninger and Patrick Traynor (Eds.). USENIX Association, 195–211. https://www.usenix.org/conference/usenixsecurity19/presentation/khandaker Google Scholar
Mustakimur Khandaker, Abu Naser, Wenqing Liu, Zhi Wang, Yajin Zhou, and Yueqiang Cheng. 2019. Adaptive Call-Site Sensitive Control Flow Integrity. In IEEE European Symposium on Security and Privacy, EuroS&P 2019, Stockholm, Sweden, June 17-19, 2019. IEEE, 95–110. https://doi.org/10.1109/EuroSP.2019.00017 Google ScholarCross Ref
Hyungjoon Koo, Seyedhamed Ghavamnia, and Michalis Polychronakis. 2019. Configuration-Driven Software Debloating. In Proceedings of the 12th European Workshop on Systems Security, EuroSec@EuroSys 2019, Dresden, Germany, March 25, 2019. ACM, 9:1–9:6. https://doi.org/10.1145/3301417.3312501 Google ScholarDigital Library
Volodymyr Kuznetsov, László Szekeres, Mathias Payer, George Candea, R. Sekar, and Dawn Song. 2014. Code-pointer Integrity. In Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation (OSDI’14). USENIX Association, Berkeley, CA, USA. 147–163. isbn:978-1-931971-16-4 http://dl.acm.org/citation.cfm?id=2685048.2685061 Google ScholarDigital Library
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, and Dawn Song. 2015. Poster : Getting The Point(er): On the Feasibility of Attacks on Code-Pointer Integrity. Google Scholar
Chris Lattner and Vikram S. Adve. 2004. LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. In 2nd IEEE / ACM International Symposium on Code Generation and Optimization (CGO 2004), 20-24 March 2004, San Jose, CA, USA. IEEE Computer Society, 75–88. https://doi.org/10.1109/CGO.2004.1281665 Google ScholarCross Ref
Yuan Li, Mingzhe Wang, Chao Zhang, Xingman Chen, Songtao Yang, and Ying Liu. 2020. Finding Cracks in Shields: On the Security of Control Flow Integrity Mechanisms. In CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM, 1821–1835. https://doi.org/10.1145/3372297.3417867 Google ScholarDigital Library
Y. Liu, P. Shi, X. Wang, H. Chen, B. Zang, and H. Guan. 2017. Transparent and Efficient CFI Enforcement with Intel Processor Trace. In 2017 IEEE International Symposium on High Performance Computer Architecture (HPCA). 529–540. issn:2378-203X https://doi.org/10.1109/HPCA.2017.18 Google ScholarCross Ref
Microsoft. 2022. Control Flow Guard for platform security. https://learn.microsoft.com/en-us/windows/win32/secbp/control-flow-guard Accessed: 2022 Oct 21 Google Scholar
Nick Mitchell, Edith Schonberg, and Gary Sevitsky. 2009. Making Sense of Large Heaps. In ECOOP 2009 - Object-Oriented Programming, 23rd European Conference, Genoa, Italy, July 6-10, 2009. Proceedings, Sophia Drossopoulou (Ed.) (Lecture Notes in Computer Science, Vol. 5653). Springer, 77–97. https://doi.org/10.1007/978-3-642-03013-0_5 Google ScholarDigital Library
Nick Mitchell, Edith Schonberg, and Gary Sevitsky. 2010. Four Trends Leading to Java Runtime Bloat. IEEE Software, 27, 1 (2010), 56–63. https://doi.org/10.1109/MS.2010.7 Google ScholarDigital Library
Nick Mitchell and Gary Sevitsky. 2007. The causes of bloat, the limits of health. In Proceedings of the 22nd Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2007, October 21-25, 2007, Montreal, Quebec, Canada, Richard P. Gabriel, David F. Bacon, Cristina Videira Lopes, and Guy L. Steele Jr. (Eds.). ACM, 245–260. https://doi.org/10.1145/1297027.1297046 Google ScholarDigital Library
Vishwath Mohan, Per Larsen, Stefan Brunthaler, Kevin W. Hamlen, and Michael Franz. 2015. Opaque Control-Flow Integrity. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8-11, 2015. The Internet Society. https://www.ndss-symposium.org/ndss2015/opaque-control-flow-integrity Google Scholar
Robert Muth, Saumya K. Debray, Scott Watterson, and Koen De Bosschere. 2001. Alto: A Link-time Optimizer for the Compaq Alpha. Softw. Pract. Exper., 31, 1 (2001), Jan., 67–101. issn:0038-0644 https://doi.org/10.1002/1097-024X(200101)31:1<67::AID-SPE357>3.0.CO;2-A Google ScholarCross Ref
Nergal. 2001. The Advanced Return-into-lib(c) Exploits: PaX Case Study. Phrack Magazine. http://phrack.org/issues/58/4.html Accessed: 2021 Oct 10 Google Scholar
2019. nginx. https://nginx.org/ Accessed: 2021 Oct 10 Google Scholar
Ben Niu and Gang Tan. 2014. Modular control-flow integrity. In ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI ’14, Edinburgh, United Kingdom - June 09 - 11, 2014, Michael F. P. O’Boyle and Keshav Pingali (Eds.). ACM, 577–587. https://doi.org/10.1145/2594291.2594295 Google ScholarDigital Library
Ben Niu and Gang Tan. 2015. Per-Input Control-Flow Integrity. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015, Indrajit Ray, Ninghui Li, and Christopher Kruegel (Eds.). ACM, 914–926. https://doi.org/10.1145/2810103.2813644 Google ScholarDigital Library
2003. PaX Address Space Layout Randomization. https://pax.grsecurity.net/docs/aslr.txt Accessed: 2021 Oct 10 Google Scholar
Chris Porter, Girish Mururu, Prithayan Barua, and Santosh Pande. 2020. BlankIt library debloating: getting what you want instead of cutting what you don’t. In Proceedings of the 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation, PLDI 2020, London, UK, June 15-20, 2020, Alastair F. Donaldson and Emina Torlak (Eds.). ACM, 164–180. https://doi.org/10.1145/3385412.3386017 Google ScholarDigital Library
Chenxiong Qian, Hong Hu, Mansour Alharthi, Simon Pak Ho Chung, Taesoo Kim, and Wenke Lee. 2019. RAZOR: A Framework for Post-deployment Software Debloating. In 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, August 14-16, 2019, Nadia Heninger and Patrick Traynor (Eds.). USENIX Association, 1733–1750. https://www.usenix.org/conference/usenixsecurity19/presentation/qian Google Scholar
Chenxiong Qian, Hyungjoon Koo, ChangSeok Oh, Taesoo Kim, and Wenke Lee. 2020. Slimium: Debloating the Chromium Browser with Feature Subsetting. In CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM, 461–476. https://doi.org/10.1145/3372297.3417866 Google ScholarDigital Library
Anh Quach, Aravind Prakash, and Lok Yan. 2018. Debloating Software through Piece-Wise Compilation and Loading. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD. 869–886. isbn:978-1-931971-46-1 https://www.usenix.org/conference/usenixsecurity18/presentation/quach Google ScholarDigital Library
2018. ROPgadget v5.4. https://github.com/JonathanSalwan/ROPgadget Accessed: 2021 Oct 10 Google Scholar
AliAkbar Sadeghi, Salman Niksefat, and Maryam Rostamipour. 2018. Pure-Call Oriented Programming (PCOP): chaining the gadgets using call instructions. J. Comput. Virol. Hacking Tech., 14, 2 (2018), 139–156. https://doi.org/10.1007/s11416-017-0299-1 Google ScholarCross Ref
Morten Schenk. [n. d.]. Bypassing Control Flow Guard in Windows 10. h Google Scholar
Sascha Schirra. 2021. Ropper. https://github.com/sashs/ropper Accessed: 2021 Sept 10 Google Scholar
Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, and Thorsten Holz. 2015. Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications. In 2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, May 17-21, 2015. IEEE Computer Society, 745–762. https://doi.org/10.1109/SP.2015.51 Google ScholarDigital Library
Hovav Shacham. 2007. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, Virginia, USA, October 28-31, 2007, Peng Ning, Sabrina De Capitani di Vimercati, and Paul F. Syverson (Eds.). ACM, 552–561. isbn:978-1-59593-703-2 https://doi.org/10.1145/1315245.1315313 Google ScholarDigital Library
Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh. 2004. On the effectiveness of address-space randomization. In Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, Washington, DC, USA, October 25-29, 2004, Vijayalakshmi Atluri, Birgit Pfitzmann, and Patrick D. McDaniel (Eds.). ACM, 298–307. https://doi.org/10.1145/1030083.1030124 Google ScholarDigital Library
Vedvyas Shanbhogue, Deepak Gupta, and Ravi Sahita. 2019. Security Analysis of Processor Instruction Set Architecture for Enforcing Control-Flow Integrity. In Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy (HASP ’19). Association for Computing Machinery, New York, NY, USA. Article 8, 11 pages. isbn:9781450372268 https://doi.org/10.1145/3337167.3337175 Google ScholarDigital Library
Hashim Sharif, Muhammad Abubakar, Ashish Gehani, and Fareed Zaffar. 2018. TRIMMER: application specialization for code debloating. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, ASE 2018, Montpellier, France, September 3-7, 2018, Marianne Huchard, Christian Kästner, and Gordon Fraser (Eds.). ACM, 329–339. https://doi.org/10.1145/3238147.3238160 Google ScholarDigital Library
Kevin Z. Snow, Fabian Monrose, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, and Ahmad-Reza Sadeghi. 2013. Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP ’13). IEEE Computer Society, Washington, DC, USA. 574–588. isbn:978-0-7695-4977-4 https://doi.org/10.1109/SP.2013.45 Google ScholarDigital Library
César Soto-Valero, Thomas Durieux, Nicolas Harrand, and Benoit Baudry. 2022. Coverage-Based Debloating for Java Bytecode. ACM Trans. Softw. Eng. Methodol., jun, issn:1049-331X https://doi.org/10.1145/3546948 Just Accepted Google ScholarDigital Library
Bing Sun, Jin Liu, and Chong Xu. 2019. How to Survive the Hardware-assisted Control-flow Integrity Enforcement. https://i.blackhat.com/asia-19/Thu-March-28/bh-asia-Sun-How-to-Survive-the-Hardware-Assisted-Control-Flow-Integrity-Enforcement.pdf Accessed: 2022 Jun 06 Google Scholar
Vijay Sundaresan, Laurie Hendren, Chrislain Razafimahefa, Raja Vallée-Rai, Patrick Lam, Etienne Gagnon, and Charles Godin. 2000. Practical Virtual Method Call Resolution for Java. In Proceedings of the 15th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA ’00). Association for Computing Machinery, New York, NY, USA. 264–280. isbn:158113200X https://doi.org/10.1145/353171.353189 Google ScholarDigital Library
Jack Tang. 2015. Exploring Control Flow Guard in Windows 10. Trend Micro. https://documents.trendmicro.com/assets/wp/exploring-control-flow-guard-in-windows10.pdf Google Scholar
Sam Thomas. [n. d.]. Object Oriented Exploitation: New techniques in Windows mitigation bypass. h Google Scholar
Minh Tran, Mark Etheridge, Tyler Bletsch, Xuxian Jiang, Vincent Freeh, and Peng Ning. 2011. On the Expressiveness of Return-into-libc Attacks. In Recent Advances in Intrusion Detection, Robin Sommer, Davide Balzarotti, and Gregor Maier (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 121–141. isbn:978-3-642-23644-0 Google Scholar
Victor van der Veen, Dennis Andriesse, Enes Göktas, Ben Gras, Lionel Sambuc, Asia Slowinska, Herbert Bos, and Cristiano Giuffrida. 2015. Practical Context-Sensitive CFI. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015, Indrajit Ray, Ninghui Li, and Christopher Kruegel (Eds.). ACM, 927–940. https://doi.org/10.1145/2810103.2813673 Google ScholarDigital Library
Victor van der Veen, Enes Göktas, Moritz Contag, Andre Pawoloski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, and Cristiano Giuffrida. 2016. A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level. In IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22-26, 2016. IEEE Computer Society, 934–953. https://doi.org/10.1109/SP.2016.60 Google ScholarCross Ref
W3Techs. 2021. Usage statistics of web servers. https://w3techs.com/technologies/overview/web_server Accessed: 2021 Oct 10 Google Scholar
Danny Wei, Lywang, and FlowerCode. 2016. Return Flow Guard. https://xlab.tencent.com/en/2016/11/02/return-flow-guard/ Accessed: 2022 Oct 21 Google Scholar
Guoqing Xu and Atanas Rountev. 2010. Detecting Inefficiently-used Containers to Avoid Bloat. In Proceedings of the 31st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’10). ACM, New York, NY, USA. 160–173. isbn:978-1-4503-0019-3 https://doi.org/10.1145/1806596.1806616 Google ScholarDigital Library
Guoqing (Harry) Xu. 2012. Finding reusable data structures. In Proceedings of the 27th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2012, part of SPLASH 2012, Tucson, AZ, USA, October 21-25, 2012, Gary T. Leavens and Matthew B. Dwyer (Eds.). ACM, 1017–1034. https://doi.org/10.1145/2384616.2384690 Google ScholarDigital Library
Guoqing (Harry) Xu, Nick Mitchell, Matthew Arnold, Atanas Rountev, Edith Schonberg, and Gary Sevitsky. 2010. Finding low-utility data structures. In Proceedings of the 2010 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2010, Toronto, Ontario, Canada, June 5-10, 2010, Benjamin G. Zorn and Alexander Aiken (Eds.). ACM, 174–186. https://doi.org/10.1145/1806596.1806617 Google ScholarDigital Library
Guoqing (Harry) Xu, Nick Mitchell, Matthew Arnold, Atanas Rountev, and Gary Sevitsky. 2010. Software bloat analysis: finding, removing, and preventing performance problems in modern large-scale object-oriented applications. In Proceedings of the Workshop on Future of Software Engineering Research, FoSER 2010, at the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2010, Santa Fe, NM, USA, November 7-11, 2010, Gruia-Catalin Roman and Kevin J. Sullivan (Eds.). ACM, 421–426. https://doi.org/10.1145/1882362.1882448 Google ScholarDigital Library
Zhang Yunha. [n. d.]. Bypass Control Flow Guard Comprehensively. h Google Scholar
Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Laszlo Szekeres, Stephen McCamant, Dawn Song, and Wei Zou. 2013. Practical Control Flow Integrity and Randomization for Binary Executables. In 2013 IEEE Symposium on Security and Privacy, SP 2013, Berkeley, CA, USA, May 19-22, 2013. IEEE Computer Society, 559–573. https://doi.org/10.1109/SP.2013.44 Google ScholarDigital Library
Mingwei Zhang and R. Sekar. 2013. Control Flow Integrity for COTS Binaries. In Proceedings of the 22Nd USENIX Conference on Security (SEC’13). USENIX Association, Berkeley, CA, USA. 337–352. isbn:978-1-931971-03-4 http://dl.acm.org/citation.cfm?id=2534766.2534796 Google Scholar

Index Terms

Decker: Attack Surface Reduction via On-Demand Code Mapping
1. Security and privacy
  1. Software and application security
    1. Software security engineering

Recommendations

A dynamic detective method against ROP attack on ARM platform
SEES '12: Proceedings of the Second International Workshop on Software Engineering for Embedded Systems

with the popularity of embedded devices, especially smart phones, a growing attention has been paid to their programs' security. Many viruses on PC platforms migrated to embedded device have brought new threats to the security of the embedded platform. ...
Read More
Multi-Layer API Specialization for Attack Surface Reduction
Read More
BlankIt library debloating: getting what you want instead of cutting what you don’t
PLDI 2020: Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation

Modern software systems make extensive use of libraries derived from C and C++. Because of the lack of memory safety in these languages, however, the libraries may suffer from vulnerabilities, which can expose the applications to potential attacks. For ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ASPLOS 2023: Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2
January 2023
947 pages
ISBN:9781450399166
DOI:10.1145/3575693
General Chair:
Tor M. Aamodt
University of British Columbia, Canada
,
Program Chairs:
Natalie Enright Jerger
University of Toronto, Canada
,
Michael Swift
University of Wisconsin-Madison, USA
Copyright © 2023 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 30 January 2023
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Badges
Author Tags
program security
software debloating
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate535of2,713submissions,20%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 491
  Total Downloads
- Downloads (Last 12 months)365
- Downloads (Last 6 weeks)27
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Decker: Attack Surface Reduction via On-Demand Code Mapping

ASPLOS 2023: Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2

ABSTRACT

References

Cited By

Index Terms

Recommendations

A dynamic detective method against ROP attack on ARM platform

Multi-Layer API Specialization for Attack Surface Reduction

BlankIt library debloating: getting what you want instead of cutting what you don’t