Explore a comprehensive presentation on Norax, a system that enables Execute-Only Memory (XOM) for Commercial-Off-The-Shelf (COTS) binaries on AArch64 platforms. Delve into the design, implementation, and practical applications of this innovative security solution that retrofits XOM into stripped binaries without requiring source code or debugging symbols. Learn about the challenges faced, core components, and techniques used, including NDisassembler, NPatcher, NLoader, and NMonitor. Examine the evaluation results demonstrating Norax's minimal performance impact and increased memory footprint. Gain insights into how Norax leverages hardware-based XOM support on AArch64 platforms and its compatibility with other binary hardening techniques like in-place randomization (IPR). Understand the significance of this approach in protecting against code reuse attacks and memory disclosure vulnerabilities in COTS binaries and source-unavailable programs.
Norax - Enabling Execute-Only Memory for COTS Binaries on AArch64
Overview
Syllabus
Intro
Why eXecute-Only Memory (XOM) is useful
XOM for COTS binaries
Challenges
Design goals
Core components overview
NDisassembler insights (background)
NDisassembler selective data analysis
NPatcher backward-compatible patching
NLoader loading support for NORAX binaries
NMonitor external references and policy checks
Related works (selected)
Evaluation set
Data analysis & end-to-end binary rewriting test
Runtime overhead (S3)
Summary
Taught by
IEEE Symposium on Security and Privacy
