Practical Fine-Grained Binary Code Randomization
Despite its promise against code reuse attacks, fine-grained code randomization has not been deployed widely due to compatibility as well as performance concerns. Previous techniques often required source code access in order to obtain good performance, but this breaks compatibility with the software distribution and update mechanisms prevalent today. Moreover, they break C++ exceptions and stack tracing, which are crucial for practical deployment. We first propose a new, tunable randomization technique, called LLR(k), that is compatible with these features. We then show that the metadata needed to support exceptions and stack tracing can be a rich source of information for attackers. We propose a new entropy metric that captures the difficulty of attacks informed by this metadata, and a novel metadata reduction technique that significantly increases this entropy without degrading exception handling. As a result, LLR(k) achieves sufficient entropy while incurring a low overhead of under 1.5%.