期刊文献+
共找到1篇文章
< 1 >
每页显示 20 50 100
Feedback control can make data structure layout randomization more cost-effective under zero-day attacks 被引量:2
1
作者 Ping Chen Zhisheng Hu +2 位作者 Jun Xu Minghui Zhu Peng Liu 《Cybersecurity》 2018年第1期93-105,共13页
In the wake of the research community gaining deep understanding about control-hijacking attacks,data-oriented attacks have emerged.Among data-oriented attacks,data structure manipulation attack(DSMA)is a major catego... In the wake of the research community gaining deep understanding about control-hijacking attacks,data-oriented attacks have emerged.Among data-oriented attacks,data structure manipulation attack(DSMA)is a major category.Pioneering research was conducted and shows that DSMA is able to circumvent the most effective defenses against control-hijacking attacks-DEP,ASLR and CFI.Up to this day,only two defense techniques have demonstrated their effectiveness:Data Flow Integrity(DFI)and Data Structure Layout Randomization(DSLR).However,DFI has high performance overhead,and dynamic DSLR has two main limitations.L-1:Randomizing a large set of data structures will significantly affect the performance.L-2:To be practical,only a fixed sub-set of data structures are randomized.In the case that the data structures targeted by an attack are not covered,dynamic DSLR is essentially noneffective.To address these two limitations,we propose a novel technique,feedback-control-based adaptive DSLR and build a system named SALADSPlus.SALADSPlus seeks to optimize the trade-off between security and cost through feedback control.Using a novel feedback-control-based adaptive algorithm extended from the Upper Confidence Bound(UCB)algorithm,the defender(controller)uses the feedbacks(cost-effectiveness)from previous randomization cycles to adaptively choose the set of data structures to randomize(the next action).Different from dynamic DSLR,the set of randomized data structures are adaptively changed based on the feedbacks.To obtain the feedbacks,SALADSPlus inserts canary in each data structure at the time of compilation.We have implemented SALADSPlus based on gcc-4.5.0.Experimental results show that the runtime overheads are 1.8%,3.7%,and 5.3% when the randomization cycles are selected as 10s,5s,and 1s respectively. 展开更多
关键词 Data structure manipulation attack Data structure layout randomization Adaptive security Feedback control
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部