Prevent Kernel Return-Oriented Programming Attacks Using Hardware Virtualization

机译：使用硬件虚拟化防止面向内核返回的编程攻击

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

ROP attack introduced briefly in this paper is a serious threat to compute systems. Kernel ROP attack is great challenge to existing defenses because attackers have system privilege, little prerequisite to mount attacks, and the disability of existing countermeasures against runtime attacks. A method preventing kernel return-oriented programming attack is proposed, which creates a separated secret address space for control data taking advantage of VMM architecture. The secret address space is implemented as a shadow stack on the same host with the target OS facilited by hardware virtualization techniques. The experience result shows the performance overhead in our implementation is about 10% and acceptable in practical.

机译：本文简要介绍的ROP攻击是对计算系统的严重威胁。内核ROP攻击是对现有防御的巨大挑战，因为攻击者具有系统特权，发起攻击的先决条件很少，并且无法抵抗运行时攻击的现有对策。提出了一种防止面向内核返回的编程攻击的方法，该方法利用VMM架构为控制数据创建了单独的秘密地址空间。秘密地址空间被实现为与目标操作系统通过硬件虚拟化技术在同一主机上的影子堆栈。经验结果表明，在我们的实现中，性能开销约为10％，在实践中是可以接受的。

著录项

来源
《Information security practice and experience.》|2012年|p.289-300|共12页
会议地点 Hangzhou(CN);Hangzhou(CN)
作者
Tian Shuo; He Yeping; Ding Baozeng;
展开▼
作者单位

Institution of Software, Chinese Academy of Sciences,Graduate University of Chinese Academy of Sciences;

Institution of Software, Chinese Academy of Sciences;

Institution of Software, Chinese Academy of Sciences,Graduate University of Chinese Academy of Sciences;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;安全保密;
关键词
return-oriented programming; kernel attacks; virtualization; shadow stack;

机译：面向收益的编程；内核攻击；虚拟化;影子堆栈;

相似文献

外文文献
中文文献
专利

1. Defending return-oriented programming based on virtualization techniques [J] . Xiaoqi Jia, Rui Wang, Jun Jiang, Security and communication networks . 2013,第10期

机译：捍卫基于虚拟化技术的面向收益的编程
2. Improved Technique for Verification of Call-return Flow Integrity for Compiler-based Defense against Return-oriented Programming Attacks [J] . Younsung Choi International Journal of Applied Engineering Research . 2017,第17aPta5期

机译：改进技术，用于验证呼叫流程完整性，用于对基于返回的编程攻击的基于编译器的防御
3. Enforcing kernel constraints by hardware-assisted virtualization [J] . Éric Lacombe, Vincent Nicomette, Yves Deswarte Journal in computer virology . 2011,第1期

机译：通过硬件辅助虚拟化加强内核约束
4. Learning How to Prevent Return-Oriented Programming Efficiently [C] . David Pfaff, Sebastian Hack, Christian Hammer International symposium on engineering secure software and systems . 2015

机译：学习如何有效防止面向收益的编程
5. Defending against return-oriented programming. [D] . Pappas, Vasileios. 2015

机译：防御面向返回的编程。
6. Program of rehabilitative exercise and education to avert vascular events after non-disabling stroke or transient ischemic attack (PREVENT Trial): a multi-centred randomised controlled trial [O] . Marilyn MacKay-Lyons, Gordon Gubitz, Nicholas Giacomantonio, 2010

机译：康复运动和教育计划以防止非致残性中风或短暂性脑缺血发作后的血管事件（PREVENT试验）：一项多中心随机对照试验
7. Evaluating the generality and limits of blind return-oriented programming attacks [O] . Keener Lawrence 2015

机译：评估盲目的面向返回的编程攻击的普遍性和局限性
8. Evaluating the Generality and Limits of Blind Return-Oriented Programming Attacks. [R] . Keener, L. 2015

机译：评估盲回归编程攻击的一般性和局限性。

Prevent Kernel Return-Oriented Programming Attacks Using Hardware Virtualization

摘要

著录项

相似文献

相关主题

期刊订阅