Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Operating system address space randomized distribution system and method

An address space and operating system technology, applied in the field of information security, can solve the problems of insufficient security, inability to require independent configuration of security, and limited scope.

Active Publication Date: 2014-08-20
INST OF INFORMATION ENG CAS
View PDF6 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are many problems in the existing randomized address space allocation methods, such as: ①The current randomized allocation range is relatively limited, with a random range of more than 10 digits, it is easy for attackers to guess the address after randomized allocation by using violent guessing methods Spatial distribution
②The random number generation algorithm is only related to the clock, which is not safe enough
③It is not flexible enough. The system either chooses to enable the random allocation function of address space, that is, all processes in the system adopt the random allocation method, or disable this function. Users cannot independently choose to enable or disable the random allocation function according to the security requirements of the application; the address space Including: stack address space, heap address space, and memory mapping (mmap) address space. The current randomized allocation method cannot independently configure whether these three address spaces adopt randomized allocation according to specific security requirements.
④ At present, the Linux operating system of the domestic Loongson processor platform still lacks the support of a fully functional address space random allocation function

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Operating system address space randomized distribution system and method
  • Operating system address space randomized distribution system and method
  • Operating system address space randomized distribution system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0063] In order to make the purpose, technical solution and advantages of the present invention more clear, the embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined arbitrarily with each other.

[0064] Such as figure 1 As shown, the embodiment of the present invention provides an operating system address space random allocation system, including a user space layer and a kernel space layer,

[0065] The user space layer includes: a user space executable program local randomization management strategy generator / parser 1, a global randomization management strategy module 2, and a random event collection module 3;

[0066] The kernel space layer includes: an executable program loading module 4, a virtual file system management module 5, a management strategy analysis mo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an operating system address space randomized distribution system and method, and relates to the field of information safety. The operating system address space randomized distribution system and method expand the address space randomized distribution range and improve the safety of randomization of the operation system accordingly. The operating system address space randomized distribution system comprises a user space layer and a kernel space layer. The user space layer comprises a user space executable program partial randomization management strategy generating / analyzing device, a global randomization management strategy module and a random event collection module. The kernel space layer comprises an executable program loading module, a virtual file system management module, a management strategy analyzing module, a randomization factor generating module and an address space randomized distribution module. The operating system address space randomized distribution method is used for the operating system address space randomized distribution system. The operating system address space randomized distribution system and method are also applied to a current domestic loongson processor platform.

Description

technical field [0001] The invention relates to the field of information security, in particular to a system and method for randomized allocation of an operating system address space. Background technique [0002] Computers are the infrastructure for information storage and processing. However, based on design complexity and implementation cost considerations, computers used to store and process information are not safe. The main factors that cause computer insecurity include: ① Lack of hardware specially designed for security requirements; ② The operating system did not consider security mechanisms from the beginning of design; ③ The inherent defects of computer languages, such as the buffer overflow security introduced by C language Hidden danger. The existence of these factors will bring different levels of security loopholes to the computer system, leaving opportunities for malicious software. For example, malware is rampant, network attacks continue, IT infrastructure...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/44
Inventor 游瑞邦涂碧波孟丹
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com