期刊文献+
共找到1篇文章
< 1 >
每页显示 20 50 100
DCFl-Checker: Checking Kernel Dynamic Control Flow Integrity with Performance Monitoring Counter 被引量:2
1
作者 SHI Wenchang ZHOU Hongwei +1 位作者 YUAN Jinhui LIANG Bin 《China Communications》 SCIE CSCD 2014年第9期31-46,共16页
It is a challenge to verify integrity of dynamic control flows due to their dynamic and volatile nature. To meet the challenge, existing solutions usually implant an "attachment" in each control transfer. However, t... It is a challenge to verify integrity of dynamic control flows due to their dynamic and volatile nature. To meet the challenge, existing solutions usually implant an "attachment" in each control transfer. However, the attachment introduces additional cost except performance penalty. For example, the attachment must be unique or restrictedly modified. In this paper, we propose a novel approach to detect integrity of dynamic control flows by counting executed branch instructions without involving any attachment. Our solution is based on the following observation. If a control flow is compromised, the number of executed branch instructions will be abnormally increased. The cause is that intruders usually hijack control flows for malicious execution which absolutely introduces additional branch instructions. Inspired by the above observation, in this paper, we devise a novel system named DCFI- Checker, which detect integrity corruption of dynamic control flows with the support of Performance Monitoring Counter (PMC). We have developed a proof-of-concept prototype system of DCFI-Checker on Linux fedora 5. Our experiments with existing kemel rootkits and buffer overflow attack show that DCFI- Checker is effective to detect compromised dynamic control transfer, and performance evaluations indicate that performance penaltyinduced by DCFI-Checker is acceptable. 展开更多
关键词 INTEGRITY dynamic control flow KERNEL branch performance monitoringcounter
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部