Skip to content

runsafesecurity/selfrando

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
7 branches 11 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Tools
 
 
cmake
 
 
debian
 
 
docs
 
 
scripts
 
 
src
 
 
tests
 
 
.gitattributes
 
 
.gitignore
 
 
.travis.yml
 
 
CMakeLists.txt
 
 
CONTRIBUTING
 
 
LICENSE
 
 
README.md
 
 
SConstruct
 
 
appveyor.yml
 
 
self-rando-windows.sln
 
 
selfrando-vs-aslr.pdf
 
 
selfrando-vs-aslr.png
 
 
RunSafe Security selfrando Features Build instructions License Acknowledgements

README.md

Travis build status Appveyor build status

RunSafe Security selfrando

Software written in C and C++ is exposed to exploitation of memory corruption. Compilers and operating systems include various exploit mitigation mechanisms that prevent certain offensive techniques. Unfortunately, standard mitigations lag behind the offensive techniques used in exploits against browsers, servers, and other frequently targeted software and do not stop a well-resourced adversary.

selfrando can be used to harden your software beyond what is possible with current mitigations. Inspired by biodiversity in nature and existing randomizing defenses, selfrando varies the attack surface, i.e., the code layout, by randomizing each function separately. This makes exploit writing harder and increases resilience to information leakage relative to traditional address space layout randomization (ASLR) techniques.

Comparing selfrando to ASLR

Features

  • Low-overhead selfrando has an imperceptible effect on program initialization and runtime performance. When using the SPEC CPU2006 suite suite, selfrando adds less than a 1% overhead to most of the benchmark running times.
  • Load-time randomization. Binaries built with selfrando are all identical on-disk because the code layout is not randomized until it is loaded into main memory. This means that protected programs can be distributed just like traditional programs and can use the same cheksumming and signature tools too.
  • Easy to use No changes to build tools or processes are required. In most cases, using selfrando is as easy as adding a new compiler and linker flags to your existing build scripts.

Build instructions

License

The Linux-compatible version of selfrando is offered under the Affero General Public License version 1.

Visit http://runsafesecurity.com if you are interested in a commercial support to protect your software with selfrando on Windows, Android, and Linux.

Acknowledgements

Researchers from University of California, Irvine, Technische Universität Darmstadt (Germany), and the Tor Project contributed to the development of selfrando.

This work is based upon work partially supported by the Defense Advanced Research Projects Agency (DARPA) under contracts FA8750-15-C-0124, FA8750-15-C-0085, and FA8750-10-C-0237 and by the National Science Foundation under award number IIP-1520552.

This work was supported in part by the German Science Foundation (project S2, CRC 1119 CROSSING), the European Union's Seventh Framework Programme (609611, PRACTICE), and the German Federal Ministry of Education and Research within CRISP.

About

Function order shuffling to defend against ROP and other types of code reuse

runsafesecurity.com

Topics

linux diversity randomization security-hardening defense mitigations aslr mitigation

Resources

Readme

License

View license
Activity

Stars

208 stars

Watchers

24 watching

Forks

29 forks
Report repository

Releases

11 tags

Packages

No packages published

Contributors 7

Languages