Address-Space Randomization for Windows Systems

Lixin Li, James Just, R. Sekar
2006 Proceedings of the Computer Security Applications Conference  
Address-space randomization (ASR) is a promising solution to defend against memory corruption attacks that have contributed to about three-quarters of US-CERT advisories in the past few years. Several techniques have been proposed for implementing ASR on Linux, but its application to Microsoft Windows, the largest monoculture on the Internet, has not received as much attention. We address this problem in this paper and describe a solution that provides about 15-bits of randomness in the
more » ... s of all (code or data) objects. Our randomization is applicable to all processes on a Windows box, including all core system services, as well as applications such as web browsers, office applications, and so on. Our solution has been deployed continuously for about a year on a desktop system used daily, and is robust enough for production use.
doi:10.1109/acsac.2006.10 dblp:conf/acsac/LiJS06 fatcat:izttl3kirbeyzj3erjf345wba4