Code Reuse Attack Mitigation Based on Unreadable Property of Executable Memory (Cited by: 1)
Abstract: A common approach to mitigating code reuse attacks is to disguise the address or content of code snippets by means of randomization or rewriting, so that they cannot be located precisely. However, memory disclosure attacks allow an adversary to read executable memory on the fly, thereby allowing just-in-time assembly of exploits. In this paper, the nature of memory disclosure attacks is analyzed in depth, and a code reuse prevention technique based on executable but not readable (XnR) memory is proposed. This approach sets executable memory as unreadable, which ensures that the code can still be executed by the processor but cannot be read as data. Because contemporary Intel x86 and ARM processors lack hardware support for XnR, the XnR functionality is realized through software emulation. Test results on the Linux platform show a run-time overhead of only 2.2%, which indicates great feasibility and practicality.
Source: Journal of Information Engineering University, 2016, No. 1, pp. 59-64 (6 pages)
Funding: Supported by the National 863 Program of China (2012AA012902)
Keywords: code reuse attack; memory disclosure attack; executable but not readable; software emulation