Shadow stack implementation method for integrity protection of multi-thread backward control flow

A shadow stack implementation method for multi-threaded backward control flow integrity protection. It addresses the problems that existing shadow stack schemes are not applicable to multi-threading, require modification of the source code and have an imperfect hiding mechanism, and it achieves convenient deployment, convenient and quick access, and improved protection capability.

Active Publication Date: 2017-01-04
NANJING UNIV

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a shadow stack implementation method for multi-thread backward control flow integrity protection that solves three problems of current shadow stack implementation schemes: they are not suitable for multi-threading, they require modification of the source code, and their hiding mechanism is imperfect.


Embodiment Construction

[0047] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0048] Unless the context clearly states otherwise, the number of elements and components in the present invention can exist in a single form or in multiple forms, and the present invention is not limited thereto. Although the steps in the present invention are arranged with labels, they are not used to limit the order of the steps. Unless the order of the steps is clearly stated or the execution of a certain step requires other steps as a basis, the relative order of the steps can be adjusted. It can be understood that the term "and / or" used herein refers to and covers any and all possible combina...


Abstract

The invention provides a shadow stack implementation method for integrity protection of multi-thread backward control flow. The method comprises the following steps: a. instrumenting the source code of the program to be protected at compile time to generate an executable file with the shadow stack deployed; b. starting that executable file, with a dynamic shared library hijacking the creation and start of threads to complete the creation of the shadow stack; c. maintaining the shadow stack's top-of-stack pointer and checking the integrity of the backward control flow in the function header and function tail inserted by the instrumentation; and d. when a thread exits, destroying the shadow stack through a destructor registered in the dynamic shared library. The beneficial effect is that the method improves the control flow integrity protection of multi-threaded C/C++ programs and so reduces the threat of code reuse attacks.
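Steps b to d of the abstract can be sketched in C as follows. This is an added example, not code from the patent: every `ss_*` name is hypothetical, `ss_pthread_create` is an explicit wrapper standing in for the preloaded shared library that would interpose `pthread_create`, and the return addresses are constructed values rather than ones emitted by compiler instrumentation.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdlib.h>
#define SS_SLOTS 1024
struct shadow_stack { uintptr_t *base, *top; };
struct start { void *(*fn)(void *); void *arg; };
static _Thread_local struct shadow_stack *ss;  /* one shadow stack per thread */
static pthread_key_t ss_key;
static atomic_int ss_destroyed;                /* destructor runs, demo only */
/* Step d: destructor registered by the library; runs when a thread exits. */
static void ss_destroy(void *p) {
    free(((struct shadow_stack *)p)->base); free(p);
    atomic_fetch_add(&ss_destroyed, 1);
}
__attribute__((constructor)) static void ss_init(void) {
    pthread_key_create(&ss_key, ss_destroy);
}
/* Step b: the hijacked thread start builds the stack before user code runs. */
static void *ss_trampoline(void *p) {
    struct start st = *(struct start *)p; free(p);
    ss = malloc(sizeof *ss);
    if (!ss || !(ss->base = ss->top = calloc(SS_SLOTS, sizeof *ss->base))) abort();
    pthread_setspecific(ss_key, ss);           /* arms the destructor */
    return st.fn(st.arg);
}
/* Hypothetical wrapper; a preloaded library would interpose pthread_create. */
int ss_pthread_create(pthread_t *t, void *(*fn)(void *), void *arg) {
    struct start *st = malloc(sizeof *st);
    if (!st) return -1;
    st->fn = fn; st->arg = arg;
    return pthread_create(t, NULL, ss_trampoline, st);
}
/* Step c: what the instrumented function header and tail do. */
static void ss_push(uintptr_t r) { if (ss->top == ss->base + SS_SLOTS) abort(); *ss->top++ = r; }
static int ss_check(uintptr_t ret) { return ss->top > ss->base && *--ss->top == ret; }
static void *worker(void *tamper) {
    uintptr_t ret = 0x401000;                /* constructed return address */
    ss_push(ret);                            /* function header */
    if (tamper) ret = 0x402000;              /* constructed corrupted value */
    return (void *)(intptr_t)ss_check(ret);  /* function tail: 1 = intact */
}
int run_thread(int tamper) {
    pthread_t t; void *ok = NULL;
    if (ss_pthread_create(&t, worker, (void *)(intptr_t)tamper)) return -1;
    pthread_join(t, &ok);
    return (int)(intptr_t)ok;
}
int main(void) { return !(run_thread(0) == 1 && run_thread(1) == 0); }
```

Because each thread pushes and pops only through its own thread-local pointer, concurrent threads never interleave entries on a shared shadow stack, and the application's source needs no allocation calls of its own.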

Description

Technical field

[0001] The invention belongs to the technical field of software code reuse attack defense, and in particular relates to a shadow stack implementation method for multi-thread backward control flow integrity protection.

Background technique

[0002] Code reuse attacks can bypass security defense mechanisms such as data execution protection deployed on mainstream operating systems, posing a huge threat to the security of computer systems. Control flow integrity protection is a more effective defense against code reuse attacks. Wherein, the backward control flow integrity refers to the correctness of the control flow related to the ret instruction in the program. Backward control flow integrity protection can be implemented using shadow stack technology. However, the existing shadow stack protection scheme is not suitable for multi-threading. During the implementation process, the source code needs to be modified to create space for the shadow stack, which is n...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/12, G06F21/56
CPC: G06F21/125, G06F21/563, G06F2221/034, G06F21/1015
Inventor: 曾庆凯, 谢志宇
Owner: NANJING UNIV