Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Full context-sensitive program control flow integrity protection method and system

A technology of integrity protection and context, applied in the direction of platform integrity maintenance, program/content distribution protection, computer security devices, etc., can solve problems such as incompatibility, damage to the transparency of protection methods, and failure to consider context sensitivity. , to achieve high accuracy, to achieve control flow integrity checks, and to achieve full context-sensitive effects

Active Publication Date: 2017-09-22
HUAZHONG UNIV OF SCI & TECH
View PDF4 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The current control flow integrity protection method does not consider context sensitivity or only considers partial context sensitivity, resulting in the generated control flow graph containing many illegal control flow edges, which can be exploited by attackers to bypass inspection
The current control flow integrity protection methods use stub technology to insert inspection codes at runtime, which destroys the transparency of the protection method, causing attackers to perceive the existence of the protection method and use the vulnerabilities of the protected program to tamper with the inspection logic
Some control flow integrity protection methods are not compatible with special control flow transfers, so they are not suitable for complex large projects

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Full context-sensitive program control flow integrity protection method and system
  • Full context-sensitive program control flow integrity protection method and system
  • Full context-sensitive program control flow integrity protection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0074] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0075] Such as figure 1 As shown, the system of the present invention includes:

[0076] The simulation execution module is used to input preset test cases into the target program, simulate the execution of the target program, and obtain the control flow information of the target program; the test case here refers to the test input parameters;

[0077] The basic block information collection mo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a full context-sensitive program control flow integrity protection method and system. According to the method, during an offline analysis stage, control flow information of a program is collected through simulative execution; an executive path is tracked during operation; the executive path, reaching a same indirect branch, of a process is tracked; path information is matched with the control flow information; if the matching succeeds, it is showed that a simulative executive path during offline analysis is the same as a real executive path during operation, and a subsequent legal target address can be judged according to the control flow information in the offline analysis; and if a target address during operation is different from the legal target address, it is judged that the program suffers from control flow hijack attack, so that a control flow check module notifies a process tracking module to stop the process. The invention furthermore discloses the full context-sensitive program control flow integrity protection system. The integrity protection is realized by tracking and checking executive path information, so that the program is prevented from being threatened by the control flow hijack attack.

Description

technical field [0001] The invention belongs to the field of software integrity protection, and more particularly relates to a method and system for completely context-sensitive program control flow integrity protection. Background technique [0002] Buffer overflow vulnerabilities are common in today's software. By exploiting the buffer overflow vulnerability, the attacker can read and write the memory arbitrarily, thereby modifying the code pointer, and finally hijacking the control flow to complete the attack intention. In order to protect memory security, academic and industrial circles continue to research and deploy effective protection measures. However, there are still many attack techniques that can bypass the above existing protection measures. For this reason, the concept of control flow integrity is proposed. Control flow integrity protection does not directly protect memory security, but checks whether the control flow has been hijacked to determine whether i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/16G06F21/52
CPCG06F21/16G06F21/52G06F21/566
Inventor 金海羌卫中黄莹达邹德清
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products