Address space randomization is an emerging and promising method
 for stopping a broad range of memory corruption attacks.
 By randomly shifting critical memory regions at process initialization
time,
 a memory layout randomization scheme converts an otherwise successful
 malicious attack into a benign process crash. Recent work has shown that
 current randomization schemes can be brute-forced attacked.
 Such attacks are possible because of the lack of sufficient randomness in
current schemes.

In this paper, we propose Address Space Layout Permutation (ASLP)
 that introduces higher entropy with minimal performance overhead.
 ASLP randomly permutes different memory regions in the application
 process address space. We have created a novel binary rewriting tool
 that can place the static code or data segments of a compiled executable
 to a randomly specified location. The tool can also perform fine-grain
permutation of procedure bodies within the code segment and static data
 objects within the data segment.  Our binary rewriting tool does not
require source code modification. The rewriting transformation only
needs the relocation information produced by a normal compiler and
preserved by the compile time linker. We have also modified the
Linux operating system kernel to permute stack, heap, and memory mapped
regions.  Together, ASLP completely permutes memory regions in an application.
We used security and performance benchmarks to evaluate
ASLP, which shows minimal performance overhead with orders of magnitude
improvement in randomness (up to 29 bits of randomness on a 32-bit
architecture).