随着漏洞挖掘技术日渐成熟,每年新增漏洞数量逐步增加。从操作系统以及编译器层面来说,为了提高内存保护的安全性,对抗漏洞利用的缓解措施也在不断完善。文章介绍了近年来比较成熟的基于内存的漏洞关键缓解技术,包括GS编译选项技术、SEH安全校验机制、堆数据保护机制、DEP技术以及ASLR技术。GS编译选项技术和SEH安全校验机制能够有效遏制针对栈数据的攻击;堆数据保护机制为堆溢出增加了更多限制;DEP技术能够对内存执行额外检查以防止恶意代码在系统中执行;ASLR技术通过对关键地址的随机化使一些堆栈溢出手段失效。文章还指出了这些防护措施所存在的不足,并据此从攻击者的角度介绍了针对这几种缓解措施的攻击思路。针对漏洞缓解技术,文章指出未来必须考虑的是如何弥补在抵御复合向量攻击方面的不足,如何完善旁路保护。%With the technology of ifnding vulnerabilities in software getting more mature, the total number of bugs is increasing yearly. In order to improve the security of memory protection, in terms of operating system and compiler, measures taken by OS to mitigate exploit are getting more perfect. This article describes some of the key mitigations, including GS options, SEH, Heap protection, DEP, and ASLR. The GS compiler technology and SEH security authentication mechanism can effectively detect and prevent most stack-based overlfow attacks; Heap protection provides more restrictions aiming at stack overlfow; DEP can perform additional memory checks to prevent malicious code executing in the system; ASLR helps to prevent buffer overlfow attacks by randomizing the key address.The article also points out the drawbacks and introduces some method to defeat these mitigations from the views of attackers. Aiming at the vulnerability mitigation technology, the article points out it must be considered how to cover the shortage on resisting the attack of composite vectors and how to improve and perfect the bypassing protection in the future.
展开▼
