Code Reuse Attack Mitigation Based on Function Randomization without Symbol Table

Address space randomization is an attractive way to counter against code-reuse attack. However, traditional Address Space Layout Randomization (ASLR) just randomizes the base address of a binary, whose relative address is not changed. So attackers can still use the fixed relative address to construct gadgets needed by code-reuse attack through information leakage. Although many fine-grained randomization approaches have been proposed recently, most of them rely on additional information, such as source code and symbol table. To overcome these limitations, we propose a function-level randomization approach, called Bin-FR, which performs function permutation and NOP instruction insertion randomly between functions without the support of symbol table through binary rewriting. Bin-FR is a fine-grained randomization approach, which increases the difficulty for attackers to predict the space layout of running binaries. Finally, we have implemented Bin-FR based on the disassembly tool Capstone on x86_64 64-bit version of Kali. Its experimental results show that Bin-FR can identify functions accurately and counter against code-reuse attack effectively, moreover, the runtime overhead of Bin-FR is negligible.