Defensing Code Reuse Attacks Using Live Code Randomization

doi:10.13328/j.cnki.jos.005516

微信服务号

微信订阅号

2025-4-24- 13

Home > Archive>Volume 30, Issue 9, 2019 >2772-2790. DOI:10.13328/j.cnki.jos.005516

PDF HTML XML Export Cite reminder

Defensing Code Reuse Attacks Using Live Code Randomization
DOI:
                        10.13328/j.cnki.jos.005516
                    
Author:
                        ZHANG Gui-MinZHANG Gui-Min
PLA Information Engineering University, Zhengzhou 450001, China;State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China
Find this author on CNKI
Find this author on BaiDu
Search for this author on this site
LI Qing-BaoLI Qing-Bao
PLA Information Engineering University, Zhengzhou 450001, China;State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China
Find this author on CNKI
Find this author on BaiDu
Search for this author on this site
ZENG Guang-YuZENG Guang-Yu
PLA Information Engineering University, Zhengzhou 450001, China;State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China
Find this author on CNKI
Find this author on BaiDu
Search for this author on this site
ZHAO Yu-TaoZHAO Yu-Tao
PLA Information Engineering University, Zhengzhou 450001, China;State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China
Find this author on CNKI
Find this author on BaiDu
Search for this author on this site

                    
Affiliation:
Clc Number:TP309
Fund Project:National Social Science Foundation of China (15AJG012); National Science and Technology Major Project of China (2013JH00103)

Article

Figures

Metrics

Reference

Cited by

Materials

Comments

Abstract:

As code reuse attacks (CRA) are becoming increasingly complex, legacy code randomization methods have been unable to provide adequate protection. An approach called LCR is present to defense CRA by living code randomization. LCR real-time monitors all suspicious operations which aim to find or utilize gadgets. When above events occur, LCR randomizes the function blocks of the target process in the memory so that gadgets' information known by attackers become invalid and attacks composed of these gadgets will fail. Finally, a prototype system of LCR is implemented to test the proposed method. Experiment results show that LCR can effectively defense CRAs based on direct or indirect memory disclosure, meanwhile introduces low run-time performance overhead on SPEC CPU2006 with less than 5% on average.

Key words:code randomization;code reuse attack;memory disclosure

Get Citation

张贵民,李清宝,曾光裕,赵宇韬.运行时代码随机化防御代码复用攻击.软件学报,2019,30(9):2772-2790

Copy

Article Metrics

Abstract:
PDF:
HTML:
Cited by:

History

Received:September 14,2016
Revised:June 06,2017
Adopted:
Online: September 06,2019
Published:

You are the first2038055Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address：4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code：100190
Phone：010-62562563 Fax：010-62562533 Email：jos@iscas.ac.cn
Technical Support：Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063

微信服务号

微信订阅号

Get Citation

Share

微信扫一扫：分享

Article Metrics

History