Stack buffer overflow attack defense method based on LBR

An instruction and return-address technique, applied in the field of computer operating systems, that addresses the problems of reduced branch prediction accuracy, broken locality and reduced hit rate, with the effect of preserving operating efficiency.

Active Publication Date: 2019-06-07
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU

AI Technical Summary

Problems solved by technology

Although the content to be encrypted is very short (only one address), encrypting it still requires the processor to read the key and perform encryption and decryption, all of which consume processor resources.
Introducing encryption and decryption operations during program execution may also break the principle of locality, lowering the TLB (Translation Lookaside Buffer) hit rate and the accuracy of branch prediction, which further affects the overall performance of the system.
[0007] Besides performance overhead, PointGuard also faces a key protection problem.
The PointGuard defense method rests on the premise that the attacker cannot learn the key.
If the attacker knows the key, he can overwrite the ciphertext of the return address with the ciphertext of an illegal address, and the stack overflow attack succeeds.

Embodiment Construction

[0045] To make the purpose, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention are described clearly below with reference to the accompanying drawings. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained from them by persons of ordinary skill in the art without creative effort fall within the protection scope of the present invention.

[0046] LBR (Last Branch Record): A hardware feature of Intel processors. Essentially, the processor adds several registers, each of which records information about a control transfer recently executed by the processor. The processor organizes these registers into a circular storage pool, in which new values overwrite the oldest ones so that recording cycles through the pool. The LBR storage capaci...

Abstract

The invention provides an LBR-based stack buffer overflow attack defense method. The original call and ret instructions are replaced with a defined set of instructions. A hardware factor is introduced into the protection of the return address in the stack: the "address" stored in the stack is actually a software factor used to generate the real return address, and the real return address can be obtained only after the software factor is combined with the hardware factor provided by the processor's LBR, so an attack that directly targets data in the stack fails. Because an attacker does not have the capability to attack the physical system directly, it can reasonably be assumed that the hard factor cannot be attacked or tampered with. Based on the trustworthiness of the hard factor, and combined with an anti-replay design based on a random factor, the stack data protection scheme provided by the invention is effective. Unlike a shadow stack or a return-address encryption method, the method does not depend on heavy computation or redundant space; only several instructions are added, so operating efficiency is preserved.
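
A toy C model of the scheme the abstract describes, added here as an illustration and not taken from the patent: the LBR is simulated as a ring of records, the hard factor is the call-site address in its newest record, and XOR is the combining step. The ring depth, the XOR, the addresses and all function names are assumptions, and the model assumes no other branch is recorded between the call and the return.

```c
#include <stdint.h>
#include <stdio.h>

#define LBR_DEPTH 16  /* assumed depth; the page text is cut off before giving it */

/* Simulated LBR: a circular pool written only by the "processor". */
typedef struct { uint64_t from, to; } lbr_rec;
static lbr_rec lbr[LBR_DEPTH];
static unsigned lbr_tos;                 /* index of the newest record */

static void lbr_record(uint64_t from, uint64_t to) {
    lbr_tos = (lbr_tos + 1) % LBR_DEPTH; /* new value overwrites the oldest */
    lbr[lbr_tos].from = from;
    lbr[lbr_tos].to = to;
}

/* Hard factor: read from the newest record; stack writes cannot reach it. */
static uint64_t hard_factor(void) { return lbr[lbr_tos].from; }

/* Modelled call: the branch is logged and only the soft factor is stored
 * in the stack slot. XOR as the combining step is an assumption. */
static void guarded_call(uint64_t call_site, uint64_t callee,
                         uint64_t ret_addr, uint64_t *stack_slot) {
    lbr_record(call_site, callee);
    *stack_slot = ret_addr ^ hard_factor();
}

/* Modelled return: soft factor from the stack combined with the hard factor. */
static uint64_t guarded_ret(const uint64_t *stack_slot) {
    return *stack_slot ^ hard_factor();
}

/* Runs one call/return with constructed addresses. If overwrite != 0 the
 * slot is clobbered in between, as a stack buffer overflow would do.
 * Returns the address control would transfer to. */
uint64_t run_case(uint64_t overwrite) {
    uint64_t slot;
    guarded_call(0x401136, 0x401200, 0x40113b, &slot);
    if (overwrite) slot = overwrite;
    return guarded_ret(&slot);
}

int main(void) {
    printf("intact slot      -> %#llx\n", (unsigned long long)run_case(0));
    printf("overwritten slot -> %#llx\n",
           (unsigned long long)run_case(0x7ffdeadbeef0ULL));
    return 0;
}
```

In this model an overwritten slot no longer yields the address that was written into it, because the value is still combined with a hard factor the overflow cannot touch.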

Description

Technical field

[0001] The invention relates to the technical field of computer operating systems, in particular to an LBR-based stack buffer overflow attack defense method.

Background

[0002] The stack buffer overflow vulnerability is a very common security vulnerability in software systems. An attacker exploits it by continuously injecting data into the stack to overwrite a function's return address, thereby taking control of the software's control flow. Using stack buffer overflow vulnerabilities, attackers can bypass security measures such as anti-virus, enter the operating system and steal users' private data.

[0003] For stack buffer overflow attacks, the most classic defense method is StackGuard. Put simply, StackGuard inserts a flag word into the stack as a "sentinel". When an attacker tampers with the return address by continuously injecting illegal addresses, the "sentinel" is overwritten as well. In this way, when the program returns from the sub-function, it ...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57, G06F21/56
Inventor: 周洪伟, 原锦辉, 朱旭华, 张玉臣, 孙怡峰, 吴彊
Owner: PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU