期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

用多密钥加密方法防御面向返回编程的攻击 被引量:1

Prevention of return-oriented programming attacks using multi-key protection
下载PDF
导出
摘要 针对面向返回编程(ROP)攻击的特性,提出了一种利用多密钥加密函数返回地址值防ROP攻击的方法。这种方法通过密钥指定位以及密钥迷惑位的巧妙设置,防止密钥在泄露情况下攻击者实施有效攻击的可能。利用二进制代码动态翻译工具PIN开发了原型系统,在实现时,为了避免攻击者攻击原型系统而直接访问密钥,引入了诱饵密钥,在增加攻击难度的同时降低了可信计算基。其有效性分析和实验结果表明,在不需要其他信息(如源码、调试信息等)条件下,多密钥加密防御方法能在适当的性能开销下,有效防御ROP攻击,并且其误报率极低。 The multi-key protection method was applied to the study,and a novel technique was presented to prevent return-oriented programming (ROP) attacks based on the analysis of ROP attack properties.This new technique,which benefits from protection of return address by multi-key,introduces obfuscated bits to prevent exploits targeted key sets.With the help of binary dynamic translator of the Intel PIN,a proof-of-concept prototype system for Linux platform was implemented.In order to prevent the direct attacks targeted prototype,the cheating keys were proposed to obfuscate attackers as well as decrease the trusted computing base.The effectiveness analysis and the experimental results demonstrate that the multi-key protection method could effectively prevent ROP attack with a modest performance penalty and low false positive rate.
作者 陈林博 江建慧 张丹青
机构地区 同济大学软件学院
出处 《高技术通讯》 CAS CSCD 北大核心 2014年第4期355-364,共10页 Chinese High Technology Letters
基金 863计划(2007AA01Z142)资助项目
关键词 代码复用类攻击 返回编程(ROP)攻击 多密钥加密保护 密钥迷惑位 诱饵密钥 code reuse attacks return-oriented programming (ROP) attacks multi-key protection obfuscated bits cheating keys
分类号 TN918.4 [电子电信—通信与信息系统]
  • 相关文献

参考文献25

  • 1Solar Designer. Getting around non-executable stack ( andfix). http ://seclists. org/bugtraq/1997/Aug/63 : Bugtraq, 2012.
  • 2NERGAL. The Advanced Return-into-libc (c) Exploits : PaX Case Study. http://phrack, org/issues/58/4, html: Phrack,2013.
  • 3Shacham H. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Proceedings of 14th ACM Conference on Computer and Communications Security, Alexandria, USA, 2007. 552- 561.
  • 4Stojanovski N, Gusev M, Gligoroski D, et al. Bypassing Da- ta Execution Prevention on Microsoft Windows XP SP2. In:Proceedings of the Second International Conference on Availability, Reliability and Security, Vienna, Austria, 2007. 1222-1226.
  • 5McCamant S, Morrisett G. Efficient, verifiable binary sand- boxing for a CISC architecture. MIT-CSAIL-TR-2005- 030, Massachusetts : MIT, 2005.
  • 6Yee B, Sehr D, Dardyk G, et al. Native client:a sandbox for portable, untrusted x86 native code. Communications of the ACM,2010,53( 1 ) :91-99.
  • 7Tsai T, Singh N. Libsafe : transparent system-wide protec- tion against buffer overflow attacks. In : Proceedings of the International Conference on Dependable Systems and Net- works, Washington, D. C. , USA,2002.541-551.
  • 8Li J, Wang Z, Jiang X, et al. Defeating return-oriented ro- otkits with return-less kernels. In : Proceedings of the 5th European conference on Computer systems, Paris, France, 2010. 195-208.
  • 9Onarlioglu K, Bilge L, Lanzi A, et al. G-Free:defeating re- turn-oriented programming through gadget-less binaries. In :Proceedings of 26th Annual Computer Security Appli- cations Conference, Austin, USA ,2010.49-58.
  • 10Pappas V, Polychronakis M, Keromytis A D. Smashing the gadgets:hindering return-oriented programming using in- place code randomization. In: Proceedings of IEEE Sympo- sium on Security and Privacy, Oakland, USA, 2012. 601- 615.

同被引文献4

引证文献1

二级引证文献3

高技术通讯
2014年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部