APPARATUS AND METHOD FOR DEFENSING OF CODE REUSE ATTACK

摘要

Disclosed are an apparatus for defending code reuse attack (CRA) and a method thereof. According to the present invention, a CRA defense method performed by a CRA defense system comprises the steps of: selecting a monitoring core among idle cores of a multicore system; loading a control flow integrity (CFI) monitoring unit in the monitoring core and transmitting control data to the CFI monitoring unit; allowing the CFI monitoring unit to extract a CPU instruction of a monitoring target core, in which a monitoring target program is executed, by using the control data; allowing the CFI monitoring unit to extract a normal execution flow of the monitoring target program; allowing the CFI monitoring unit to determine whether the CPU instruction violates a control flow policy based on the normal execution flow; and allowing the CFI monitoring unit to control execution of the monitoring target core based on whether the CPU instruction violates the control flow policy to defend CRA.