Applying Machine-model Based Countermeasure Design to Improve Protection Against Code Injection Attacks
Many countermeasures for code injection attacks are built in an ad-hoc manner: countermeasure designers build a countermeasure, attackers find ways around it, and a better countermeasure is then designed. We propose a more methodological approach to building countermeasures, using a model of the execution environment of the program. This model contains all abstractions and memory locations that the OS relies upon to execute a program (e.g. stack, GOT), together with the operations that are performed on them. Such a model is called a machine model and can allow a countermeasure designer to design countermeasures at a more abstract level. It also provides a platform for comparing and evaluating countermeasures.
Such a machine model is strongly linked to the architecture, the operating system, the programming language and the compiler that it is based on. This limits the applicability of a specific machine model. To counter this, we are also designing a metamodel and devising a methodology for constructing machine models based on this metamodel, reducing the initial cost of building a machine model. The metamodel is an abstraction of several machine models: it provides uniformity when constructing machine models and allows a designer to work out the global principles of a countermeasure independent of a specific platform. By keeping machine models uniform, the task of implementing or porting countermeasures from one platform to another is simplified.
author = {Yves Younan and Frank Piessens and Wouter Joosen},
title = {Applying Machine-model Based Countermeasure Design to Improve Protection Against Code Injection Attacks},
year = {2006},
address = {Vancouver, B.C. Canada},
publisher = {USENIX Association},
month = jul
}