Professional Documents
Culture Documents
1 Introduction
X. Huang and J. Zhou (Eds.): ISPEC 2014, LNCS 8434, pp. 172–186, 2014.
c Springer International Publishing Switzerland 2014
HDROP: Detecting ROP Attacks Using Performance Monitoring Counters 173
2 Design
In our design, there are three main challenges to be overcome. First, what are
our interesting performance events? PMC is capable of monitoring a variety of
processor performance events, and we need to identify those which are closely
helpful to detect ROP attack. Second, how to collect the data from the hardware
counters(e.g. PMC) for the further detection? Ideally, they should be collected
without the heavy overhead. Third, how to design detecting algorithm. In this
paper, we construct the algorithm on a balance between the accuracy and the
performance overhead. The solutions will be discussed in detail in the following
subsections.
different input, there are different execution paths on the same monitored in-
structions. To detect the abnormal increase of mispredicted ret instructions for
the given monitored instructions, we have to generate the baseline for each path.
In more serious cases, the baseline may be submerged by “noise”. However, if
we obtain the number of executed ret instructions at the same time, it is more
easy to identify the execution path than before. Furthermore, it is feasible to
detect ROP attacks with several baselines. Therefore, BR RET EXEC is an-
other interesting performance events which counts the number of executed ret
instructions[16].
At last, we pay close attention to the number of the retired instructions. As
mentioned earlier, our solution takes hundreds of instructions as a basic checking
unit. So we want to know the number of the retired instructions on the checked
execution path. With the number, we are able to know the length of our moni-
toring execution path, and the frequency that HDROP trap in at the checking
time. The performance event is denoted as INST RETIRED.ANY P[16].
Ideally, every entry and exit of the monitored instructions should be accom-
panied with one CP. With the above example, CP1 and CP2 should be located
176 H. Zhou et al.
3 Implementation
We have implemented a prototype of HDROP on fedora 5 with a 2.6.15-1 kernel.
Though most of ROP attacks are in the user space, [4] and [8] demonstrates the
feasibility of developing ROP rootkit in the kernel-space. Moreover, [4] proposes
a practicable defense technology to defeat ROP attacks. Like the above work, we
have developed HDROP to check ROP attacks in the kernel-space in this paper.
However, we believe that HDROP can be easily ported for detecting ROP attacks
in the user-space.
HDROP consist of some CPs and a DU(Decision Unit). To collect data, we
insert thousands of CPs into the kernel with a compiler-based approach, and
every CP sends the readings of hardware counters to DU. DU is developed as a
loadable module, and it activates the CPs in the kernel with a CP-map at the
loading time. HDROP is capable of customizing the monitoring objects with the
configured CP-map. At the training time, DU logs the collecting data to compute
the parameters of the detecting algorithm. At the running time, it performs the
final checking along the detecting algorithm.
In our implementation, the main challenge is to insert thousands of CPs into
the kernel. Our solution is developing a gcc plug-in that dynamically inserts
178 H. Zhou et al.
two CPs around each call instruction. More specifically, we rewrite the machine-
described file that is used as the guider for generating assembly code, and ask
gcc to insert the new instructions before and after each call instruction. The
instruction call the CPs function to report the readings of hardware counters.
Thus, we can monitor the execution of a function.
Figure 3 shows an example of our approach. Assume that we want to monitor
function F B, we insert two additional instructions around the call instruction in
function F A, which is shown as call F B in figure 3. The inserted instruction is
a five-byte call instruction which is shown as shadowed pane in the figure. Thus,
CPs collect the readings of hardware counters before and after the execution
of function F B. We redirect the kernel control flow to our code for collecting
readings of hardware counters.
Fig. 3. An example of inserting CPs. The shadowed panes are the inserted instructions,
and function F B is the monitored object. The dashed line indicates original execution
path, while the solid line shows appended execution path after CPs inserting into the
kernel.
Some readers may wonder that why we place the CPs around each call in-
struction? Our original intention is to build a function-granularity monitoring
framework. To the end, as shown in figure 3, one CP is inserted at the entry of
the function, and the other is inserted at the exit. Before CPs are inserted, the
execution path is shown by the dashed line in figure 3. After CPs are installed,
two additional executions are introduced which are indicated by the solid line
in figure 3. Moreover, with a configurable CP-map, it is flexible to monitor the
different functions. In this way, HDROP is able to cover most of kernel execution
path. Of course, there are some feasible solutions to insert CPs into the kernel
with the same goal. For example, we can insert the CPs at the beginning and
end of every function, which is considered it as an alternative scheme.
4 Evaluation
4.1 Effectiveness
To validate the effectiveness of our solution, we had constructed a ROP rootkit
guided by the approaches introduced by [3] and [7]. The rootkit waved six gad-
gets together that ends with ret instruction. Moreover, it did not reach any
HDROP: Detecting ROP Attacks Using Performance Monitoring Counters 179
malicious end, and only transfer the control from one gadget to next gadget for
incrementing one word in the memory. We launched the rootkit in two ways.
First, the kernel stack was overwritten to redirect kernel control flow to the
rootkit. Second, kernel control data was modified for hijacking kernel control
flow.
We had performed two experiments to show the effectiveness of HDROP. In
the first test, we had built a tested module that listed the running processes
in the kernel, and customized the CP-map to insert two CPs at the entry and
exit of the monitored function, which scanned task struct list to enumerate the
running processes in the kernel. At the training time, we caught the data for
computing the parameters of detecting algorithm. After that time, we launched
the ROP rootkit, and HDROP is able to detect the attack with the abnormal
increase on the number of mispredicted ret instructions.
Figure 4 shows the result of our first experiment. Every point in figure 4
means a two-tuples (missp num,exec num) where missp num means the num-
ber of mispredicted ret instructions and exec num is the number of executed
ret instructions. For example, (1,28) means that normal execution took 1 mis-
predicted ret instruction and 28 executed ret instructions. If the ROP attack
was launched, the number of mispredicted ret instructions was increased. As an
example, the point (8,36) was abnormal which was denoted as a square in the
figure. In the first test, the monitored execution path was simple, and HDROP
was easy to detect the ROP rootkit.
In the second experiment, HDROP placed two CPs around an indirect call
instruction in kernel function real lookup. HDROP recorded the data when the
ROP rootkit was or not loaded in the kernel by modifying the destination of
the indirect call instruction. The data, including the number of mispredicted ret
instruction and executed ret instruction, were also taken as a point in figure 5.
Like figure 4, a legal point denotes as a triangle, while a illegal point as a square
in figure 5. Moreover, figure 5 only shows the part of obtained data of HDROP
for a better exhibition. As shown in figure 5, these points were mixed together,
and we failed to identify a narrow-region to just hold all legal points. It meant
HDROP failed to detect ROP rootkit with the deployed CPs.
180 H. Zhou et al.
Fortunately, HDROP still had the capability of detecting the ROP rootkit.
As mentioned earlier, HDROP can overcome the challenge by adjusting the
CP-map to narrow the length of monitored instructions. Thus another CP was
implanted before the first call instruction in the function that is the target of the
monitored call instruction. In the normal execution, the number of mispredicted
ret instruction was usually zero. However, after launching ROP rootkit, the
number abnormally increased that was captured by the new inserted CP.
The above tests demonstrator the effectiveness of HDROR, and indicate the
feasibility of detecting ROP attacks with PMC. First, the rootkit is developed
following by [3],[4] and [8]. Second, the monitored objects include a kernel func-
tion and a module function. At last, we launch the ROP rootkit by modifying
kernel data which is a main way to subvert the kernel. In the future, we will
perform more experiments to show its effectiveness. Since there are some exist-
ing ROP shellcodes in the user-space, to check further its effectiveness, we might
improve HDROP for working in the user-space.
4.2 Performance
overhead of Dhrystone and Whetstone was almost zero. On the final score of
UnixBench, the average slowdown of HDROP was about 19%.
How many CPs should be inserted into the kernel? In our opinion, the num-
ber is no more than ten thousands against one assumption. We suppose that
the running kernel only hold several modules. To cover the dynamically loaded
modules, it is inevitable to place more CPs in the kernel. Moreover, OS often
loads different modules at the different time. So it is difficult to accurately esti-
mate the number of CPs if we want to cover all loadable modules. To make the
discussion clear, we optimistically suppose that the kernel only load few modules
without introducing additional CPs.
With the above assumption, we had performed following experiments to show
that several thousands CPs is able to cover the kernel. First, we caught the
number of the retired instructions while HDROP was detecting ROP attack.
We had performed our test based on the first experiment that was discussed in
the above subsection. We reset the hardware counter, and made it count the
number of retired instructions. What to be clarified was that the data was ob-
tained after HDROP detecting the ROP rootkit. The cause was that our tested
processor had only two hardware counters. At the detecting time, two counters
were busy to catch BR RET MISSP EXEC and BR RET EXEC. Therefore, the
number of retired instructions was obtained by repeating the test without catch-
ing BR RET MISSP EXEC. In the tests, we observed that HDROP monitored
about four hundreds instructions with only two CPs. In other words, HDROP
is able to take hundreds of instructions as the basic monitoring unit because
BR RET MISSP EXEC does not frequently occur.
To further validate our above idea, we had performed the other experiments
that monitored the execution of system calls. We placed two CPs around the
instruction call *sys call table to collect the number of retired instructions and
executed mispredicted ret instructions. In the test, we had catched 35802 items.
Every item can be denoted as {a,b}, where a was the number of executed mis-
predicted ret instructions and b was the number of retired instructions. Accord-
ing to the proportion of a to b, these items were divided into three categories
182 H. Zhou et al.
that was shown in figure 7. The first category was described as (a/b)*1000>5,
and held 2113 items. The second was (a/b)*1000<1, and held 532 items. The
test indicated that there were about 2.9 mispredicted ret instructions while one
thousand ret instructions retired. It means that it is possible to monitor several
million instructions just using ten thousands of CPs.
Fig. 7. Three categories divided against the proportion of a to b where a is the number
of retired instructions and b is the number of executed mispredicted ret instructions
5 Discussion
There are some security assumptions for HDROP. First, the kernel, including
HDROP, is in the code-integrity. Otherwise, attackers can circumvent HDROP
by tampering with the code. Since some security mechanisms are available[1,2],
we believe this assumption is reasonable. Second, PMC is protected from mali-
cious modifying. It is possible to tamper with the hardware counters to forge the
readings. However, attackers have to do that with some crafting gadgets, and it
make more difficult to identify the gadgets. Therefore, we optimistically suppose
that PMC is immune to ROP attack. In this paper, we suppose a adversary
is capable of modifying the kernel data to launch ROP attacks, which include
return addresses, function pointers and so on.
Meanwhile, HDROP has some limitations. First, HDROP may send a false
alarm. The parameters of detecting algorithm are computed on the training data.
HDROP: Detecting ROP Attacks Using Performance Monitoring Counters 183
So it is possible to take a legal execution as ROP attack for unfull coverage. Sec-
ond, we fail to automatically generate the CP-map for covering the whole kernel.
We are seeking a more appropriate detecting algorithm. At last, HDROP is not
capable of detecting JOP. We believe it is easy to improve HDROP by identify-
ing the new interesting performance events. To overcome the above limitations
is our future work.
A novel contribution of our work is to demonstrate the feasibility of detecting
ROP attacks with the support of PMC. More specifically, we not only propose a
novel practical solution of checking ROP attacks, but also present a new usage
of PMC. Furthermore, unlike existing software-based solutions, HDROP takes
hundreds of instructions as a basic checking unit rather than a single one. Thus,
HDROP does not incur a heavy performance overhead from 2x to 5.3x timer
slower.
6 Related Work
In 2007, Hovav Shacham presents ROP attack[3], which is further generalized
to a variety of platforms[10,12]. Meanwhile, there have been many efforts to
defeat ROP attacks. As mentioned earlier, they are proposed in two categories,
which are called gadget-less solution and abnormity-detecting solution. They are
closely related to our work, and we introduce them as follows.
padding several nop instructions for aligning them. The second step is to protect
aligned instructions from the misuse. Compared to ret-less kernel[4], G-Free is a
generic way to defeat ROP attack.
Similar to G-Free, Control-Flow Locking[18] divides the protected instructions
into intended instructions and unintended instructions. Control-Flow Locking re-
moves the misuse of unintended instructions by imposing alignment artificially.
To protect intended instructions, it proposes an interesting way. More specifi-
cally, it performs a lock operation before dynamic control transfer, and an unlock
operation if current transfer is legal. Though it allows one violation of CFG, it
still capable of defeating ROP attacks because only one deviation can not achieve
the malicious end.
In our opinion, the above work may call gadget-less solution. Their main goal
is generating a gadget-less code-base to eliminate ROP attacks. Beside that,
they have presented the different ways to protect control transfer for defeating
ROP attacks further. These work are considerable interesting, but our work is
completely different from them for we detecting ROP attacks with the abnormity
introduced by the attacks.
7 Conclusion
References
1. Riley, R., Jiang, X., Xu, D.: Guest-Transparent Prevention of Kernel Rootkits
with VMM-based Memory Shadowing. In: Proceedings of the 11th International
Symposium on Recent Advances in Intrusion Detection (2008)
2. Seshadri, A., Luk, M., Qu, N., et al.: SecVisor: A Tiny Hypervisor to Provide
Lifetime Kernel Code Integrity for Commodity OSes. In: Proceedings of the 21st
ACM Symposium on Operating Systems Principles (October 2007)
3. Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc with-
out function calls (on the x86). In: Proceedings of the 14th ACM Conference on
Computer and Communications Security (2007)
4. Li, J., Wang, Z., Jiang, X., Grace, M., Bahram, S.: Defeating return-oriented rootk-
its with return-less kernels. In: Proceedings of the 5th ACM SIGOPS EuroSys
Conference (2010)
186 H. Zhou et al.
5. Onarlioglu, K., Bilge, L., Lanzi, A., et al.: G-free: Defeating return-oriented pro-
gramming through gadget-less binaries. In: Proceedings of the 26th ACSAC (2010)
6. Checkoway, S., Davi, L., Dmitrienko, A., et al.: Return-oriented programming with-
out returns. In: Proceedings of the 17th CCS (2010)
7. Bletsch, T., Jiang, X., Freeh, V.W., et al.: Jump-oriented programming: A new class
of code-reuse attack. In: Proceedings of the 6th ACM Symposium on Information,
Computer and Communications Security (2011)
8. Hund, R., Holz, T., Freiling, F.: Return-oriented rootkits: Bypassing kernel code in-
tegrity protection mechanisms. In: Proceedings of USENIX Security 2009. USENIX
(August 2009)
9. Chen, P., Xing, X., Mao, B., et al.: Automatic construction of jump-oriented pro-
gramming shellcode (on the x86). In: Proceedings of 6th ASIACCS (2011)
10. Buchanan, E., Roemer, R., Shacham, H., et al.: When good instructions go bad:
Generalizing return-oriented programming to RISC. In: Proceedings of the 15th
ACM Conference on Computer and Communications Security (2008)
11. Checkoway, S., Feldman, A.J., Kantor, B., et al.: Can DREs provide long-lasting
security? the case of return-oriented programming and the AVC Advantage. In:
Proceedings of EVT/WOTE (2009)
12. Kornau, T.: Return oriented programming for the arm architecture. Technical re-
port (2010)
13. Davi, L., Sadeghi, A.-R., Winandy, M.: ROPdefender: A detection tool to defend
against return-oriented programming attacks. Technical Report HGI-TR-2010-001
(2010)
14. Davi, L., Sadeghi, A.R., Winandy, M.: Dynamic integrity measurement and attes-
tation: Towards defense against return-oriented programming attacks. In: Proceed-
ings of 4th STC (2009)
15. Chen, P., Xiao, H., Shen, X., Yin, X., Mao, B., Xie, L.: DROP: Detecting return-
oriented programming malicious code. In: Prakash, A., Sen Gupta, I. (eds.) ICISS
2009. LNCS, vol. 5905, pp. 163–177. Springer, Heidelberg (2009)
16. Intel. Intel 64 and ia-32 architectures software developers manual, volume 3b: Sys-
tem programming guide, part 2
17. UnixBench (2012), http://ftp.tux.org/pub/benchmarks/system/unixbench
18. Bletsch, T., Jiang, X.: Mitigating Code-Reuse Attacks with Control-Flow Locking.
In: Proceedings of the 27th Annual Computer Security Applications Conference,
ACSAC (2011)
19. Luk, C.-K., Cohn, R., Muth, R., et al.: Pin: Building customized program analysis
tools with dynamic instrumentation. In: Sarkar, V., Hall, M.W. (eds.) Proceedings
of PLDI (2005)
20. Nethercote, N., Seward, J.: Valgrind: A framework for heavyweight dynamic binary
instrumentation. SIGPLAN Not. 42(6), 89–100 (2007)
21. Pappas, V.: kBouncer: Efficient and transparent ROP mitigation. Technical report,
Columbia University (2012)