Marlin: making it harder to fish for gadgets
Code-reuse attacks, including return-oriented programming (ROP) and jump-oriented programming, bypass defenses against code injection by repurposing existing executable code in application binaries and shared libraries toward a malicious end. A common feature of these attacks is the reliance on the knowledge of the layout of the executable code. We propose a fine grained randomization based approach that modifies the layout of executable code and hinders code-reuse attack. Our solution consists solely of a modified dynamic loader that randomizes the internal structure of the executable code, thereby denying the attacker the necessary apriori knowledge for constructing the desired sequence of gadgets. Our approach has the advantage that it can be applied to any ELF binary and every execution of this binary uses a different randomization. We describe the initial implementation of Marlin, a customized loader for randomization of executable code. Our work shows that such an approach is feasible and significantly increases the level of security against code-reuse attacks.
access controls, malware, return-oriented programming, security
Date of this Version