A defense method of stack buffer overflow attack based on lbr

Abstract

The invention provides an LBR-based stack buffer overflow attack defense method. By using the set instruction set to replace the original call instruction and ret instruction, the hardware factor is introduced into the protection of the return address in the stack. The "address" stored in the stack is actually the software factor that generates the real return address. Only with processing The real return address can only be obtained after combining the hardware factors provided by the controller LBR, which makes the attacker's method of directly attacking the data in the stack invalid. Since the attacker does not have the ability to directly attack the physical system, the present invention can reasonably assume that the hard factor cannot be tampered with by the attack. Based on the credibility of the hard factor, combined with the anti-replay design of the random factor, the stack data protection scheme proposed by the present invention is effective. Different from the method of shadow stack or encrypted return address, the present invention does not rely on too much computational complexity and redundant space, but only adds several instructions, and the operating efficiency is guaranteed.

Description

technical field [0001] The invention relates to the technical field of computer operating systems, in particular to an LBR-based stack buffer overflow attack defense method. Background technique [0002] The stack buffer overflow vulnerability is a very common security vulnerability in software systems. It achieves the purpose of controlling the software control flow by continuously injecting data into the stack to overwrite the return address of the function. Using stack buffer overflow vulnerabilities, attackers can bypass security measures such as anti-virus, enter the operating system and steal user privacy. [0003] For stack buffer overflow attacks, the most classic defense method is Stack Guard. To put it simply, StackGuard inserts a flag word into the stack as a "sentinel". When an attacker tampers with the return address by continuously injecting illegal addresses, the "sentinel" will be overwritten. In this way, when the program returns from the sub-function, it ...

AI Technical Summary

Problems solved by technology

Although the content to be encrypted is very short (only one address), it still requires the processor to read the key, perform encryption and decryption operations and other operations that consume processor resources

In the process of program execution, the introduction of encryption and decryption operations may also destroy the principle of locality, resulting in a decrease in the hit rate of the TLB (Translation Look aside Buffer; conversion detection buffer) and a decrease in the accuracy of branch prediction, which again affects the overall performance of the system.

[0007] In addition to performance overhead issues, Point Guard still faces key protection issues

The premise of the Point Guard defense method is that the attacker cannot know the key

If the attacker knows the key, he can overwrite the ciphertext of the return address with the ciphertext of the illegal address, and the stack overflow attack is effective

Images