Against Code Injection with System Call Randomization

机译：防止代码注入和系统调用随机化

获取原文

获取外文期刊封面目录资料

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

The existing code injection attack defense methods have some deficiencies on performance overhead and effectiveness. In order to ensure the system performance, we propose a method that uses system call randomization to counter code injection attacks based on instruction set randomization idea. An injected code would perform its actions with system calls. System call randomization on operating system level will prevent the injected code from executing correctly. Moreover, with an extended compiler, our method can perform source code randomization during compiling and implement binary executable files randomization by feature matching. The experiments show that our method can effectively counter variety code injection attacks with low overhead.

机译：现有的代码注入攻击防御方法在性能开销和有效性方面存在一些缺陷。为了保证系统性能，我们提出了一种基于指令集随机化思想的利用系统调用随机化来对抗代码注入攻击的方法。注入的代码将通过系统调用执行其动作。在操作系统级别进行系统调用随机化将阻止注入的代码正确执行。而且，使用扩展的编译器，我们的方法可以在编译期间执行源代码随机化，并通过特征匹配实现二进制可执行文件随机化。实验表明，该方法能够以较低的开销有效地应对各种代码注入攻击。

著录项

来源
《International Conference on Networks Security, Wireless Communications and Trusted Computing;NSWCTC '09》|2009年|584-587|共4页
会议地点
作者
Liang Zhaohui; Liang Bin; Li Luping; Chen Wei; Kang Qingqing; Gu Yingqin;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Code Injection; Randomization; Ssystem Call;

机译：代码注入;随机化;系统调用;

相似文献

外文文献
中文文献
专利

1. A System Call Randomization Based Method for Countering Code-Injection Attacks [J] . Zhaohui Liang, Bin Liang, Lupin Li International Journal of Information Technology and Computer Science . 2009,第1期

机译：基于系统调用随机化的反码注入攻击方法
2. Epidural Injections for Spinal Pain: A Systematic Review and Meta-analysis Evaluating the "Control" Injections in Randomized Controlled Trials [J] . Mark C. Bicket, Anita Gupta, Charlie H. Brown IV, Anesthesiology . 2013,第4期

机译：硬膜外注射治疗脊柱疼痛：系统评价和荟萃分析评估随机对照试验中的“对照”注射
3. Epidural Injections for Spinal Pain: A Systematic Review and Meta-analysis Evaluating the "Control" Injections in Randomized Controlled Trials [J] . Mark C. Bicket, Anita Gupta, Charlie H. Brown IV, Anesthesiology . 2013,第4期

机译：脊髓疼痛的硬膜外注射：系统评价和荟萃分析评估随机对照试验中的“控制”注射
4. Against Code Injection with System Call Randomization [C] . Zhaohui Liang, Bin Liang, Luping Li, International Conference on Networks Security, Wireless Communications and Trusted Computing . 2009

机译：与系统呼叫随机化的代码注射
5. Design and Analysis of Random Linear Network Coding Schemes: Dense Codes, Chunked Codes and Overlapped Chunked Codes. [D] . Heidarzadeh, Anoosheh. 2013

机译：随机线性网络编码方案的设计和分析：密集码，分块码和重叠分块码。
6. Is local platelet-rich plasma injection clinically superior to hyaluronic acid for treatment of knee osteoarthritis? A systematic review of randomized controlled trials [O] . Yalong Di, Changxu Han, Liang Zhao, 2018

机译：临床上局部富含血小板的血浆注射剂在治疗膝骨关节炎方面是否优于透明质酸？随机对照试验的系统评价
7. RandSys: Thwarting Code Injection Attacks with System Service Interface Randomization [O] . Xuxian Jiangy, Helen J. Wangz, Dongyan Xu, 2015

机译：Randsys：利用系统服务接口随机化来阻止代码注入攻击
8. Equivalent Linearization Analysis of Geometrically Nonlinear Random Vibrations Using Commercial Finite Element Codes [R] . Rizzi, S. A. , Muravyov, A. A. 2002

机译：基于商业有限元程序的几何非线性随机振动等效线性化分析

Against Code Injection with System Call Randomization

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅