RandSys: Thwarting Code Injection Attacks With System Service Interface Randomization
Code injection attacks are a top threat to today's Internet. With zero-day attacks on the rise, randomization techniques have been introduced to diversify software and operation systems of networked hosts so that attacks that succeed on one process or one host cannot succeed on others. Two most notable system-wide randomization techniques are Instruction Set Randomization (ISR) and Address Space Layout Randomization (ASLR). The former randomizes instruction set for each process, while the latter randomizes the memory address space layout. Both suffer from a number of attacks. In this paper, the authors advocate and demonstrate that by combining ISR and ASLR effectively, they can offer much more robust protection than each of them individually. However, trivial combination of both schemes is not sufficient.