COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Defeating Security Attacks Through Runtime Mechanisms

Jun Xu
Department of Computer Science
University of Illinois at Urbana-Champaign

Date: March 7, 2003 (Friday)
Time: 3:30-4:30PM
Place: Swearingen 1A03 (Faculty Lounge)

Abstract

When software systems are deployed for critical services, implementation defects often become exploitable security vulnerabilities. Current software engineering practice is not advanced enough for producing bug-free systems. Our study on security databases shows that nearly 60% of all reported vulnerabilities are due to software implementation defects. Given that such defects will continue to exist, we must build mechanisms to mask their malicious effects.

In this talk, I will present several techniques I developed to defeat security attacks that exploit a broad range of vulnerabilities due to implementation defects. The Transparent Runtime Randomization algorithm (TRR) randomly places critical program data regions and breaks an attacker's assumption of memory layout in the target system. TRR modifies the Linux kernel and dynamic program loader to achieve the goal. By changing the GNU C compiler (gcc), the Control Data Randomization algorithm (CDR) randomly encodes critical program data to foil security attacks. Both TRR and CDR incur only small runtime overhead.

I also explored the potential of processor-level mechanisms in defeating security attacks. The Secure Return Address Stack (SRAS) enhances an existing architectural facility to defeat stack-based buffer overflow attacks. Finally, I will briefly present the Reliability and Security Processor Engine currently being investigated.

Jun Xu is a Ph.D. candidate in Computer Science at the Center for Reliable and High-Performance Computing (CRHC), the University of Illinois at Urbana-Champaign. He is interested in exploring operating system, compiler and architecture mechanisms for security and dependability. He is also interested in evaluation, validation, and measurement-based analysis of dependability and security. Between 1996 and 1997, he was a software engineer at Apple Computer and developed, arguably, the first customizable Chinese input method. Jun received the B.S. degree from Beijing University in 1996 and the M.S. from the University of Pittsburgh in 1998, both in computer science.