Return to search

rave: A Framework for Code and Memory Randomization of Linux Containers

Memory corruption continues to plague modern software systems, as it has for decades. With
the emergence of code-reuse attacks which take advantage of these vulnerabilities like Return-
Oriented Programming (ROP) or non-control data attacks like Data-Oriented programming
(DOP), defenses against these are growing thin. These attacks, and more advanced variations
of them, are becoming more difficult to detect and to mitigate. In this arms race, it
is critical to not only develop mitigation techniques, but also ways we can effectively deploy
those techniques. In this work, we present rave - a framework which takes common design
features of defenses against memory corruption and code-reuse and puts them in a real-world
setting. Rave consists of two components: librave, the library responsible for static binary
analysis and instrumentation, and CRIU-rave, an extended version of the battle-tested process
migration tool available for Linux. In our prototype of this framework, we have shown
that these tools can be used to rewrite live applications, like NGINX, with enough randomization
to disrupt memory corruption attacks.
This work is supported in part by ONR under grant N00014-18-1-2022 and NAVSEA/NEEC/NSWC
Dahlgren under grant N00174-20-1-0009. / Master of Science / Memory corruption attacks continue to be a concrete threat against modern computer systems.
Malicious actors can take advantage of related vulnerabilities to carry out more
advance, hard-to-detect attacks which give them control of the target or leak critical information.
Many works have been developed to defend against these sophisticated attacks and
their triggers (memory corruption), but many struggle to be adopted into the real-world for
reasons such as instability or difficulty in deployment. In this work, we introduce rave, a
framework which seeks to address issues of stability and deployment by designing a way for
defenders to coordinate and apply mitigation techniques in a real-world setting.

Identiferoai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/113177
Date23 July 2021
CreatorsBlackburn, Christopher Nogueira
ContributorsElectrical and Computer Engineering, Ravindran, Binoy, Wang, Haining, Nikolaev, Ruslan
PublisherVirginia Tech
Source SetsVirginia Tech Theses and Dissertation
Detected LanguageEnglish
TypeThesis
FormatETD, application/pdf
RightsIn Copyright, http://rightsstatements.org/vocab/InC/1.0/

Page generated in 0.0019 seconds