Re: A way to prevent buffer overflow exploits? (was: "Any user can

From: Anil B. Somayaji (somaat_private)
Date: Fri Aug 07 1998 - 16:27:39 PDT


    Crispin Cowan <crispinat_private> writes:
    
    > The idea of randomizing the stack was put forward by Stephanie
    > Forrest et al in their HotOS'97 paper "Building Diverse Computer
    > Systems".  They proposed to add a random amount of fill to each
    > activation record, so that the return address was an unknown offset
    > from the buffers being overflowed.  It's cute, but it doesn't
    > prevent the attacker from just repeating the desired destination
    > address over and over again, reducing the problem to one of hitting
    > the correct byte alignment.
    
    As one of the co-authors of the HotOS paper, I feel I should stick my
    head in at this point.  The GCC modification was a proof-of-concept
    which simply showed that diversification (even a very simple one) can
    defeat real attacks.  I certainly never meant for this five-line GCC
    modification to actually be used.  (Background: I did the
    implementation as a class project!)  So, please do not refer to this
    as "Forrest's approach."
    
    The main purpose of that paper was to discuss the fact that computer
    systems today are amazingly homogeneous at a binary level, and this
    lack of diversity leads to many of the security problems that we see.
    One cracker writing a script to break in to one machine is generally
    not a big deal; one cracker spreading a script on the net that can
    break into thousands of machines _is_ a problem.
    
    We can avoid this by making computer systems unique - the trick is to
    do this while providing a uniform interface to users.  We discussed
    several approaches in:
    
      ftp://ftp.cs.unm.edu/pub/forrest/hotos-97.ps
    
    For those of you unfamiliar with Crispin's research, some of these
    ideas are also discussed in:
    
      http://www.cse.ogi.edu/DISC/projects/immunix/icmas96.ps.gz
    
    This paper takes a somewhat different approach to the problem than we
    do.
    
    Diversity is no panacea; it is merely one strategy that biological
    systems use to survive.  If you are interested in learning more about
    our ideas, please visit:
    
      http://www.cs.unm.edu/~steveah/research.html
      http://www.cs.unm.edu/~forrest
    
    Although we are working on more advanced implementations, we certainly
    have more ideas than time!  If anyone is inspired to actually build
    something based on these ideas, please go ahead; there are many, many
    things that remain to be tried.
    
      --Anil
    
    - --
    Anil Somayaji (somaat_private)
    http://www.cs.unm.edu/~soma
    +1 505 872 3150
    
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:50 PDT
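
Added example (not part of the original message or of the HotOS'97 GCC modification): a toy model of the quoted point that random fill between a buffer and the return address is weakened when the overwriting data repeats one address, leaving only byte alignment as the unknown. The frame layout, the 4-byte word size, the byte values and the function names are all assumptions made up for this illustration; nothing here touches a real stack.

```python
# Toy model of a padded activation record: [buffer][random fill][return slot].
# Measures how often the return slot ends up holding a chosen value, as a
# function of the padding granularity. All values below are constructed.

WORD = 4                          # assumed 32-bit return address
TARGET = b"\xde\xc0\xad\x0b"      # constructed value the overwrite tries to plant
SAVED_RET = b"\x10\x20\x30\x40"   # constructed legitimate return address


def ret_overwritten(pad, repeat, buf_len=64, payload_len=256):
    """Return True if the return slot equals TARGET after the overflow.

    pad    -- bytes of fill the compiler inserted for this frame
    repeat -- True: data is TARGET repeated; False: one copy at the
              offset that would be right if pad were 0
    """
    frame = bytearray(buf_len + pad + WORD)
    frame[-WORD:] = SAVED_RET
    if repeat:
        payload = TARGET * (payload_len // WORD)
    else:
        payload = b"A" * buf_len + TARGET
    n = min(len(payload), len(frame))
    frame[:n] = payload[:n]       # the unchecked copy, starting at the buffer
    return bytes(frame[-WORD:]) == TARGET


def hit_rate(granularity, repeat, max_pad=128):
    """Fraction of possible pad sizes (0..max_pad, stepped by granularity)
    for which the return slot is replaced by TARGET."""
    pads = range(0, max_pad + 1, granularity)
    hits = sum(ret_overwritten(p, repeat) for p in pads)
    return hits / len(pads)


if __name__ == "__main__":
    for gran in (WORD, 1):
        for repeat in (False, True):
            kind = "repeated" if repeat else "single  "
            print(f"pad step {gran} byte(s), {kind} address: "
                  f"{hit_rate(gran, repeat):.3f}")
```

In this model, word-granular fill stops the single fixed-offset write but not the repeated address, and byte-granular fill only lowers the repeated case to about one in WORD, which is the alignment problem the quoted text describes.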