Program non-control data attack protection method based on an LLVM compiler

A compiler-based technology for non-control data, applied in the fields of code compilation, program code conversion, platform integrity maintenance, etc. It addresses the problems of high performance overhead, weakened protection and poor portability, and achieves low space and time complexity, improved accuracy and prevention of related attacks.

Active Publication Date: 2019-06-21
陕西数图行信息科技有限公司

AI Technical Summary

Problems solved by technology

If the non-control data in a program is tampered with, this can also cause very serious problems, such as enabling the attacker to obtain higher privileges (such as root privileges on a Linux system), stealing private user data, or opening backdoors. non-control data in the program for protection
Most of the existing non-control data protection technologies are aimed at 32-bit applications, such as Data-flow Integrity [Castro et al., USENIX OSDI 2006] and Write Integrity Testing [Akritidis et al., IEEE S&P 2008] proposed by Microsoft Corporation. Because the pointer analysis method they use lacks accuracy, there may be some errors in the analysis results, which affects the protection.
At the same time, most of the existing non-control data protection technologies provide protection for the entire virtual address space of the program, which has poor portability and high performance overhead.


Embodiment Construction

[0074] The present invention will be further described in detail below in conjunction with specific embodiments, which are explanations of the present invention rather than limitations.

[0075] The present invention is based on the following observation: whatever the type of data-tampering attack, to tamper with data it must go through an unsafe data write operation. If all data write operations can be protected, attacks that tamper with data can be fundamentally resisted.

[0076] The core idea of the present invention is to design and implement a write protection technology for non-control data. This mechanism assigns an identifier to each data write instruction and, at the program compilation stage, also assigns an identifier to the data in the data/bss segment of the program to form an identifier table. Through compiler-based instruction conversion, when the program performs a data write, it does not write directly, but first compares ...
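
The write check described in [0076], sketched as an added example that is not part of the patent text. The description on this page is cut off before it says what is compared, so the example assumes the write instruction's identifier is compared with the identifier of the target data; the struct layout, table format and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Models two adjacent objects in the data/bss segment (constructed layout). */
static struct { char name[16]; int is_admin; } g;

/* Identifier table: one entry per protected object (hypothetical format). */
struct id_entry { uintptr_t start; size_t len; unsigned id; };
static struct id_entry id_table[2];

static void build_id_table(void) {
    id_table[0] = (struct id_entry){ (uintptr_t)g.name, sizeof g.name, 1 };
    id_table[1] = (struct id_entry){ (uintptr_t)&g.is_admin, sizeof g.is_admin, 2 };
}

/* Return the identifier of the object containing addr, or 0 if none. */
static unsigned id_of(uintptr_t addr) {
    for (size_t i = 0; i < sizeof id_table / sizeof id_table[0]; i++)
        if (addr >= id_table[i].start && addr - id_table[i].start < id_table[i].len)
            return id_table[i].id;
    return 0;
}

/* What an instrumented store would call (assumption): every byte of the target
 * range must carry the identifier assigned to this write instruction.
 * Returns 0 if the write was performed, -1 if it was blocked. */
static int checked_write(unsigned write_id, void *dst, const void *src, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (id_of((uintptr_t)dst + i) != write_id)
            return -1;                      /* mismatch: refuse the write */
    memcpy(dst, src, n);
    return 0;
}

/* Write instruction #1 is only ever supposed to fill g.name. */
static int set_name(const char *input, size_t n) {
    return checked_write(1, g.name, input, n);
}

int main(void) {
    char overlong[20];
    build_id_table();
    memset(overlong, 'A', sizeof overlong); /* constructed oversized input */
    int ok = set_name("alice", 6);          /* in bounds: allowed */
    int blocked = set_name(overlong, sizeof overlong); /* reaches is_admin */
    return (ok == 0 && blocked == -1 && g.is_admin == 0) ? 0 : 1;
}
```

The oversized write is rejected as a whole because its last four bytes fall on an object with a different identifier, so the adjacent flag keeps its value.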


Abstract

The invention provides a protection method against program non-control data attacks based on the LLVM compiler. For the 64-bit applications that are widely used at present, the method compiles the program source code into intermediate code, performs static analysis on the intermediate code to obtain a points-to analysis result, and derives the non-control data that needs to be protected; at the same time, it performs instruction instrumentation on the intermediate code so that the program's non-control data cannot be maliciously tampered with. The method overcomes the shortcomings of the original static analysis method, improves analysis accuracy, and addresses the security threat posed by attackers maliciously tampering with program non-control data, with relatively low space and time complexity.

Description

Technical field

[0001] The invention belongs to the field of software security and relates to protection against malicious attacks, in particular to an LLVM compiler-based protection method for program non-control data attacks, which can be used to protect the safe operation of programs.

Background technique

[0002] Since many programs are written in unsafe languages, such as C or C++, they are vulnerable to attacks based on memory safety. For example, an attacker can use a buffer overflow vulnerability to overwrite a function return address or program branch variable data in memory, thereby changing the execution flow of the program.

[0003] In response to attacks, in recent years, industry researchers have proposed many protection mechanisms to defend against attacks based on memory safety. However, the analysis found that most of the existing protection mechanisms provide protection for program control data (such as function pointers and function return addresses), so ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F21/56, G06F21/57, G06F8/41
Inventor: 李金库, 张晓赞, 罗林波, 姚青松, 马建峰
Owner 陕西数图行信息科技有限公司