Skip to main content
SpringerLink
Log in
Book cover

Horizons of the Mind. A Tribute to Prakash Panangaden pp 1–39Cite as

Layout Randomization and Nondeterminism

  • Chapter

  • 910 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 8464))

Abstract

In security, layout randomization is a popular, effective attack mitigation technique. Recent work has aimed to explain it rigorously, focusing on deterministic systems. In this paper, we study layout randomization in the presence of nondeterministic choice. We develop a semantic approach based on denotational models and the induced notions of contextual public observation, characterized by simulation relations. This approach abstracts from language details, and helps manage the delicate interaction between nondeterminism and probability. In particular, memory access probabilities are not independent, but rather depend on a fixed probability distribution over memory layouts; we therefore model probability using random variables rather than any notion of probabilistic powerdomain

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Goldwasser, S., Micali, S.: Probabilistic encryption. JCSS 28, 270–299 (1984)

    MathSciNet  MATH  Google Scholar 

  2. Forrest, S., Somayaji, A., Ackley, D.H.: Building diverse computer systems. In: 6th Workshop on Hot Topics in Operating Systems, pp. 67–72 (1997)

    Google Scholar 

  3. Druschel, P., Peterson, L.L.: High-performance cross-domain data transfer. Technical Report TR 92-11, Department of Computer Science, The University of Arizona (1992)

    Google Scholar 

  4. PaX Project: The PaX project (2004), http://pax.grsecurity.net/

  5. Erlingsson, Ú.: Low-level software security: Attacks and defenses. In: Aldini, A., Gorrieri, R. (eds.) FOSAD 2007. LNCS, vol. 4677, pp. 92–134. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  6. Pucella, R., Schneider, F.B.: Independence from obfuscation: A semantic framework for diversity. Journal of Computer Security 18(5), 701–749 (2010)

    Article  Google Scholar 

  7. Abadi, M., Plotkin, G.D.: On protection by layout randomization. ACM Transactions on Information and System Security 15(2), 1–8 (2012)

    Article  Google Scholar 

  8. Jagadeesan, R., Pitcher, C., Rathke, J., Riely, J.: Local memory via layout randomization. In: 24th IEEE Computer Security Foundations Symposium, pp. 161–174 (2011)

    Google Scholar 

  9. Abadi, M., Planul, J.: On layout randomization for arrays and functions. In: Basin, D., Mitchell, J.C. (eds.) POST 2013. LNCS, vol. 7796, pp. 167–185. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  10. Lincoln, P., Mitchell, J., Mitchell, M., Scedrov, A.: A probabilistic poly-time framework for protocol analysis. In: Proceedings of the Fifth ACM Conference on Computer and Communications Security, pp. 112–121 (1998)

    Google Scholar 

  11. Mitchell, J.C., Ramanathan, A., Scedrov, A., Teague, V.: A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols. TCS 353(1-3), 118–164 (2006)

    Article  MathSciNet  MATH  Google Scholar 

  12. Canetti, R., Cheung, L., Kaynar, D.K., Liskov, M., Lynch, N.A., Pereira, O., Segala, R.: Analyzing security protocols using time-bounded task-pioas. Discrete Event Dynamic Systems 18(1), 111–159 (2008)

    Article  MATH  Google Scholar 

  13. Gierz, G., Hofmann, K.H., Keimel, K., Lawson, J.D., Mislove, M.W., Scott, D.S.: Continuous lattices and domains. Encyclopaedia of mathematics and its applications, vol. 93. CUP (2003)

    Google Scholar 

  14. Mislove, M.W.: On combining probability and nondeterminism. ENTCS 162, 261–265 (2006)

    Google Scholar 

  15. Tix, R., Keimel, K., Plotkin, G.D.: Semantic domains for combining probability and non-determinism. ENTCS 222, 3–99 (2009)

    MATH  Google Scholar 

  16. Goubault-Larrecq, J.: Prevision domains and convex powercones. In: Amadio, R.M. (ed.) FOSSACS 2008. LNCS, vol. 4962, pp. 318–333. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  17. Abadi, M., Planul, J., Plotkin, G.D.: Layout randomization and nondeterminism. ENTCS 298, 29–50 (2013)

    MathSciNet  MATH  Google Scholar 

  18. Abadi, M., Lamport, L.: The existence of refinement mappings. TCS 82(2), 253–284 (1991)

    Google Scholar 

  19. Sabelfeld, A., Sands, D.: Probabilistic noninterference for multi-threaded programs. In: 13th IEEE Computer Security Foundations Workshop, pp. 200–214 (2000)

    Google Scholar 

  20. Klarlund, N., Schneider, F.B.: Proving nondeterministically specified safety properties using progress measures. Information and Computation 107(1), 151–170 (1993)

    Article  MathSciNet  MATH  Google Scholar 

  21. de Roever, W.P., Engelhardt, K.: Data Refinement: Model-oriented Proof Theories and their Comparison. Cambridge Tracts in Theo. Comp. Sci., vol. 46. CUP (1998)

    Google Scholar 

  22. Jackson, M.: A sheaf theoretic approach to measure theory. PhD thesis, U. Pitt. (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Microsoft Research, USA

    Martín Abadi & Gordon D. Plotkin

  2. Department of Computer Science, Stanford University, USA

    Jérémy Planul

  3. LFCS, School of Informatics, University of Edinburgh, UK

    Gordon D. Plotkin

Authors
  1. Martín Abadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jérémy Planul
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gordon D. Plotkin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electrical Engineering and Computer Science, York University, Keele Street, 4700, M3J 1P3, Toronto, ON, Canada

    Franck van Breugel

  2. School of Informatics, Informatics Forum, University of Edinburgh, 10 Crichton Street, EH8 9LE, Edinburgh, UK

    Elham Kashefi

  3. Inria Saclay, Campus de l’École Polytechnique, Bâtiment Alan Turing, 1, rue Honoré d’Estienne d’Orves, 91120, Palaiseau, France

    Catuscia Palamidessi

  4. CWI, P.O. Box 94079, 1090, Amsterdam, GB, The Netherlands

    Jan Rutten

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Abadi, M., Planul, J., Plotkin, G.D. (2014). Layout Randomization and Nondeterminism. In: van Breugel, F., Kashefi, E., Palamidessi, C., Rutten, J. (eds) Horizons of the Mind. A Tribute to Prakash Panangaden. Lecture Notes in Computer Science, vol 8464. Springer, Cham. https://doi.org/10.1007/978-3-319-06880-0_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-06880-0_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-06879-4

  • Online ISBN: 978-3-319-06880-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation