English

Using Name Confusion to Enhance Security

Cryptography and Security 2020-08-28 v3 Hardware Architecture

Abstract

We introduce a novel concept, called Name Confusion, and demonstrate how it can be employed to thwart multiple classes of code-reuse attacks. By building upon Name Confusion, we derive Phantom Name System (PNS): a security protocol that provides multiple names (addresses) to program instructions. Unlike the conventional model of virtual memory with a one-to-one mapping between instructions and virtual memory addresses, PNS creates N mappings for the same instruction, and randomly switches between them at runtime. PNS achieves fast randomization, at the granularity of basic blocks, which mitigates a class of attacks known as (just-in-time) code-reuse. If an attacker uses a memory safety-related vulnerability to cause any of the instruction addresses to be different from the one chosen during a fetch, the exploited program will crash. We quantitatively evaluate how PNS mitigates real-world code-reuse attacks by reducing the success probability of typical exploits to approximately 101210^{-12}. We implement PNS and validate it by running SPEC CPU2017 benchmark suite. We further verify its practicality by adding it to a RISC-V core on an FPGA. Lastly, PNS is mainly designed for resource constrained (wimpy) devices and has negligible performance overhead, compared to commercially-available, state-of-the-art, hardware-based protections.

Keywords

Cite

@article{arxiv.1911.02038,
  title  = {Using Name Confusion to Enhance Security},
  author = {Mohamed Tarek Ibn Ziad and Miguel A. Arroyo and Evgeny Manzhosov and Vasileios P. Kemerlis and Simha Sethumadhavan},
  journal= {arXiv preprint arXiv:1911.02038},
  year   = {2020}
}
R2 v1 2026-06-23T12:06:39.720Z