Using Diversity to Harden Multithreaded Programs Against Exploitation

摘要

Multithreaded programming is here to stay, and concurrency bugs are the focus of a growing number of cyberattacks. While most defensive efforts against such attacks seek to identify bugs during debugging, an alternative method seeks to make exploitation harder without the need to first identify the bugs -- or even the fact that there are any. Time randomization introduces more diversity among instances of the same software. In much the same way that ASLR-induced diversity in memory locations thwarts attacks crafted for specific addresses, time randomization-induced diversity in thread timing aims to thwart concurrency attacks crafted for specific vulnerability windows. We study three implementations of time randomization, all using the injection of NOPs to alter program timing. Their application to two real-world concurrency bugs results in a marked increase in the cost to exploit those bugs. After demonstrating the effectiveness of the method, especially when NOPs are injected before library function calls following synchronization points, methods for improving the efficiency of this defense against concurrency attacks in future research are proposed.