Unlock instant, AI-driven research and patent intelligence for your innovation.

Shadow stack implementation method for multi-thread backward control flow integrity protection

A technology of integrity protection and implementation method, which is applied in the field of shadow stack implementation of multi-threaded backward control flow integrity protection, can solve the problems of inapplicable multi-threading, modification of source code and imperfect hiding mechanism, etc., to achieve convenient deployment, Convenient and fast access, the effect of improving protection ability

Active Publication Date: 2019-03-26
NANJING UNIV
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a shadow stack implementation method for multi-thread backward control flow integrity protection that can solve the problems that the current shadow stack implementation scheme is not suitable for multi-threading, needs to modify the source code, and the hidden mechanism is imperfect.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Shadow stack implementation method for multi-thread backward control flow integrity protection
  • Shadow stack implementation method for multi-thread backward control flow integrity protection
  • Shadow stack implementation method for multi-thread backward control flow integrity protection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0048] Unless the context clearly states otherwise, the number of elements and components in the present invention can exist in a single form or in multiple forms, and the present invention is not limited thereto. Although the steps in the present invention are arranged with labels, they are not used to limit the order of the steps. Unless the order of the steps is clearly stated or the execution of a certain step requires other steps as a basis, the relative order of the steps can be adjusted. It can be understood that the term "and / or" used herein refers to and covers any and all possible combina...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a shadow stack realization method for multi-thread backward control flow integrity protection. The method for implementing the shadow stack for multi-threaded backward control flow integrity protection includes the following steps: a, inserting the source code of the program to be protected when compiling, and generating an executable file in which the shadow stack is deployed; b, starting and deploying the The executable file of the shadow stack is hijacked by the dynamic shared library to create and start the thread to complete the creation of the shadow stack; c, the function header and function tail after the instrumentation realize the maintenance and backward control flow of the stack top pointer of the shadow stack Integrity check; d. Perform exit processing of the thread, and destroy the shadow stack through the destructor registered in the dynamic shared library. The beneficial effect of the present invention is that: the shadow stack implementation method for multi-threaded backward control flow integrity protection can improve the control flow integrity protection capability of multi-threaded C / C++ programs to reduce the threat of code reuse attacks .

Description

technical field [0001] The invention belongs to the technical field of software code reuse attack defense, and in particular relates to a shadow stack implementation method for multi-thread backward control flow integrity protection. Background technique [0002] Code reuse attacks can bypass security defense mechanisms such as data execution protection deployed on mainstream operating systems, posing a huge threat to the security of computer systems. Control flow integrity protection is a more effective defense against code reuse attacks. Wherein, the backward control flow integrity refers to the correctness of the control flow related to the ret instruction in the program. Backward control flow integrity protection can be implemented using shadow stack technology. However, the existing shadow stack protection scheme is not suitable for multi-threading. During the implementation process, the source code needs to be modified to create space for the shadow stack, which is n...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/12G06F21/56
CPCG06F21/125G06F21/563G06F2221/034G06F21/1015
Inventor 曾庆凯谢志宇
Owner NANJING UNIV