Stack protecting method based on program instrumentation and dynamic information verification

A dynamic information and stake insertion technology, applied in the fields of system and software security and computer, can solve the problems of easy cracking, performance loss, poor deployability, etc., to achieve wide applicability, low execution speed loss, and low program performance loss. Effect

Inactive Publication Date: 2018-09-25
NANJING UNIV
View PDF3 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] On the basis of existing work, the purpose of the present invention is to: propose a new stack protection method based on program insertion and dynamic information verification, to solve the existing stack protection methods that are easy to be cracked, serious performance loss, and can be deployed gender issues

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Stack protecting method based on program instrumentation and dynamic information verification
  • Stack protecting method based on program instrumentation and dynamic information verification
  • Stack protecting method based on program instrumentation and dynamic information verification

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029]The method of the invention firstly compiles the dynamic shared library libMultiGuard.so, which contains rewritten library functions and function functions. The purpose of rewriting the library function is to perform additional user-defined behaviors when the function is called. After the pthread_create and fork functions are rewritten, when the process is created, the user-specified canary buffer, the buffer's entry address, The size and index information are stored in TLS; the functions include the generation and placement of canary, and the erasure of canary buffer. Simultaneously, the inventive method has realized a GCC plug-in MultiGuard, is used for inserting and placing, checking canary and the code segment of error handling when compiling source program, when each function takes place calling, gets canary dynamically from canary buffer, and It pushes the stack to 8 bytes before the return address of the function stack frame. When the function call ends, the check...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a stack protecting method based on program instrumentation and dynamic information verification. The stack protecting method adopts a GCC compiler based instrumentation module (1) for inserting placement, checking and verification information and error handling code segments during source program compiling and a dynamic shared library based Hook module (2) for initializing item information in a verification information buffer area and dynamically updating the verification information. The probability of attack success of attackers is reduced through dynamic generation ofthe verification information and checking of fine-granularity stack information integrity, and the safety of a computer system and software is improved.

Description

technical field [0001] The invention belongs to the field of computer technology, especially the field of system and software safety. The invention provides a stack protection method based on program insertion and dynamic information verification, which is used for checking the integrity of stack data and protecting application software. Background technique [0002] Buffer Overflow vulnerability (Buffer Overflow) can affect the characteristics of running process stack data, which brings serious challenges to software security. Therefore, protecting software from running normally in an unknown environment, detecting the integrity of stack data, and preventing control flow hijacking have become an important issue that has not yet been fully resolved in the field of system and software security. As a method of software protection, data integrity detection is widely accepted. As a basic test method, program instrumentation can use the code segment inserted into the program to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/52
CPCG06F21/52
Inventor 朱君茅兵周伟平
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap