网络与信息安全学报 (Dec 2022)

Software diversity evaluation method based on the properties of ROP/JOP gadgets

  • Yuning CHI, Yunfei GUO, Yawen WANG, Hongchao HU

DOI
https://doi.org/10.11959/j.issn.2096-109x.2022086
Journal volume & issue
Vol. 8, no. 6
pp. 135 – 145

Abstract

Read online

In order to reduce the risk of rapid spread of homogeneous attacks in network systems, and enhance network and software security, software diversification technologies are applied widely nowadays.Software diversification aims to generate functionally equivalent but internally changed program variants, thereby alter a single operating environment and mitigating homogenization attacks.The existing diversified technical evaluation index ROP gadgets survival rate is difficult to directly reflect the safety impact and the evaluation method is single.In order to evaluate the effectiveness of the diversification method more comprehensively and effectively, a software diversification evaluation method based on the properties of ROP/JOP gadgets is proposed, by analyzing common code reuse attacks, and turns abstract quantification into concrete indicators evaluates the security gain and effect of diversified methods from three aspects of space, time and quality.The method first discusses how diversification techniques affect ROP/JOP attacks according to the three properties of gadgets similarity, damage degree and availability.Nine kinds of diversification methods, such as instruction replacement, NOP insertion, and control flow flattening, are used to diversify the GNU coreutils assembly to generate diversification assembly.Experiments based on the property of gadgets are carried out on the diverse assemblies, and the effectiveness of different diversification methods and the impact on attacks are evaluated according to the experimental results.The experimental results show that this method can accurately evaluate the security gain of software diversification methods, the diversification technology will lead to the increase of the attack chain space required by the ROP/JOP attack, the longer time to construct the attack chain and the lower the attack success rate.The effects of different diversification methods are different, it has a guiding role for the follow-up research on diversified technologies with higher safety gains.

Keywords