Because current defense mechanisms against code-injection attacks are easily bypassed by attackers, we propose a new defense technology based on instruction set randomisation. In this technology, we drew up randomisation rules for the instruction set and use them to change the instructions in obj files, thereby randomising the instruction set. Externally injected code is not compatible with the generated instruction set: after translation by the dynamic binary analysis platform, the program code executes as usual, but the injected code becomes garbled. Based on this technology we designed a prototype system and demonstrated through a large number of experiments that it can defend against most code-injection attacks. The technology breaks the stable environment that exploiting buffer overflow vulnerabilities requires and achieves proactive defense against attacks.
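A toy model of the mechanism described in the abstract, added here as an illustration and not taken from the paper or its prototype. The four-opcode instruction set, the XOR-with-key rule and the `run` interpreter (standing in for the dynamic binary analysis platform) are assumptions, since the abstract does not state the actual randomisation rules.

```python
HALT, PUSH, ADD, OUT = 0x00, 0x01, 0x02, 0x03  # toy ISA, constructed for this example

class IllegalInstruction(Exception):
    """Raised when de-randomised bytes do not decode to a valid instruction."""

def randomise(code: bytes, key: bytes) -> bytes:
    # Build-time step: rewrite the instruction bytes under a secret rule.
    # Assumption: XOR with a repeating per-build key stands in for the paper's rules.
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(code))

def run(memory: bytes, key: bytes, max_steps: int = 1000) -> list:
    # Stand-in for the translator: every fetched byte is de-randomised before decoding.
    stack, out, pc = [], [], 0
    for _ in range(max_steps):
        if pc >= len(memory):
            raise IllegalInstruction("fetch past end of code")
        op = memory[pc] ^ key[pc % len(key)]
        pc += 1
        if op == HALT:
            return out
        if op == PUSH and pc < len(memory):
            stack.append(memory[pc] ^ key[pc % len(key)])
            pc += 1
        elif op == ADD and len(stack) >= 2:
            stack.append((stack.pop() + stack.pop()) & 0xFF)
        elif op == OUT and stack:
            out.append(stack.pop())
        else:
            raise IllegalInstruction(f"cannot execute byte {op:#04x} at offset {pc - 1}")
    raise IllegalInstruction("step limit reached")

def demo(key: bytes = bytes.fromhex("a75c13e9")) -> dict:
    program = bytes([PUSH, 2, PUSH, 3, ADD, OUT, HALT])  # legitimate code: emits 2 + 3
    injected = bytes([PUSH, 0x41, OUT, HALT])  # constructed foreign code, native encoding
    results = {"legit_with_isr": run(randomise(program, key), key),
               "injected_without_isr": run(injected, b"\x00")}  # zero key = no randomisation
    try:
        results["injected_with_isr"] = run(injected, key)
    except IllegalInstruction as exc:
        results["injected_with_isr"] = f"fault: {exc}"
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A fault is the likely outcome for foreign bytes, not a guaranteed one, since a de-randomised byte can occasionally decode to a valid opcode; this is consistent with the abstract's claim of stopping most, rather than all, code-injection attacks.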