2

Address space layout randomization (ASLR) is a computer security technique which involves randomly arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, in a process's address space.

This is the description from Wikipedia.

Is it fair to estimate effectiveness of ASLR in two different OS by estimating the "randomness" of the positions of the key data areas?

Are there any other measurable factors by which we can compare ASLR effectiveness? Any tips on how to proceed?

1 Answers1

1

I can think of several parameters that ASLR can implement in different degrees.

The variance of address randomization

The spatial "stickiness" of this randomization - how long do the address remain fixed

The temporal "stickiness" of this randomization - in how many objects e.g. processes does the address stay the same

The performance penalty during exe load

The runtime performance penality

The degree to which it break legacy coding practices (how ever bad they maybe)

It reliance on hardware features (memory protection, virtual memory)

The "wastage" of virtual address space

A requirement for recompilation of kernel or lack there of

A requirement for recompilation of other system support modules

YAZR
  • 79
  • 1
  • 8
  • i must say u are very imaginative for your considerations elaborated. +1 for these. but a good design is to be as simple as possible.....and generally minimum number of performance measure suffice. my personal preference is "overall runtime performance speed for 1st execution" which will take into many other factors. – Peter Teoh Oct 14 '11 at 05:21