Journal: Concurrency and Computation

Timely address space rerandomization for resisting code reuse attacks

Abstract

The major weakness of address space layout randomization is that the address space of the program is randomized only once, at load time. Therefore, it cannot prevent advanced code reuse attacks such as just-in-time return-oriented programming. In view of this, we propose an instantaneous and continual address space rerandomization approach, called just-in-time address space rerandomization (JIT-ASR), to thwart such attacks. JIT-ASR uses virtual memory management and can ceaselessly change the program's address space by modifying the virtual page number of the code address and page table at runtime. In this way, the address space of the program changes continually. This mechanism makes the addresses used by the attacker stale, so the attack payload cannot be executed successfully. To demonstrate the effectiveness and efficiency of JIT-ASR, we apply it to the SPEC CPU2006 benchmark suite. The evaluation results and security analysis show that JIT-ASR can resist code reuse attacks, especially just-in-time return-oriented programming, and yields low runtime performance overhead (1.2% on average on the SPEC CPU2006 benchmark).