Preventing kernel code-reuse attacks through disclosure resistant code diversification.

IEEE Conference on Communications and Network Security (2016)

Abstract
Software diversity has been applied to operating system kernels to protect against code-reuse attacks. However, the security of fine-grained software diversification relies on ensuring that the code layout remains secret. Unfortunately, memory disclosure vulnerabilities assist adversaries in bypassing software diversity protections by leaking the code layout. In this paper, we propose KHide, a system that thwarts kernel code-reuse attacks by combining fine-grained software diversity techniques and memory disclosure protection. First, we apply multiple fine-grained software diversity techniques to kernel code at compile time. Next, we propose a technique to protect diversified kernel code against memory disclosure at runtime. As a result, an attacker cannot predict or identify gadgets in memory to launch code-reuse attacks. We implement KHide for the Linux kernel. Our evaluation shows that KHide disclosure protection has negligible performance impact in comparison to fine-grained software diversity. We provide a security analysis of KHide calculating the survivability of gadgets across diversified versions. Our results show that KHide provides comprehensive protection against the threat of kernel code-reuse with acceptable performance impact.
Keywords
kernel code-reuse attack prevention, code diversification, operating system kernel, software diversification security, software diversity protection, memory disclosure, system runtime, KHide, Linux kernel