Preventing code-reuse attacks by stopping code pointer leakages
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
binutils-2.24 aslr-guard Feb 24, 2016
eglibc-2.19-orig aslr-guard Feb 24, 2016
eglibc-2.19 aslr-guard Feb 24, 2016
gcc-4.8.2 aslr-guard Feb 24, 2016
pre-built aslr-guard Feb 24, 2016
spec aslr-guard Feb 24, 2016
unittest aslr-guard Feb 24, 2016
LICENSE.txt aslr-guard Feb 24, 2016
NOTE.todo aslr-guard Feb 24, 2016 README Feb 24, 2016
aslrguard.pdf aslr-guard Feb 24, 2016 aslr-guard Feb 24, 2016 aslr-guard Feb 24, 2016


ASLR-Guard is a security mechanism aims to prevent code pointer leaks or render their leak harmless, so that code reuse attacks that need to first leak the randomized address can be prevented. ASLR-Guard toolchain is built based on the GNU toolchain. ASLR-Guard paper was published at ACM CCS'15.


CCS'15 paper: Webpage:

Build ASLR-Guard

It is easy to build:

cd <dir of ASLR-Guard>
$ ./

Detailed building steps and codebase structure of ASLR-Guard can be found in NOTE that your processor is supposed to support "rdrand" instruction; otherwise, define USE_MAGIC_CODE (a simulation of nonce, no guarantee in preventing function pointer replay attacks) and undefine USE_NONCE_RDRAND in eglibc-2.19/aslr-guard-config.h and binutils-2.24/gas/aslr-guard-config.h. More configurations are also available in these two files.

Use ASLR-Guard to protect programs

Run the test cases:

$ cd <dir of ASLR-Guard>/test
$ make

Please have a look at test/ to see individual steps to use ASLR-Guard.

Run SPEC Benchmarks with ASLR-Guard

Have SPEC CPU2006 Benchmarks installed Then:

$ cd <dir of ASLR-Guard>/scripts/spec
$ ./ <aslrguard|orig> all