System and method for resisting memory leak based on LLVM

A memory leak and honeypot technology, applied in the field of computer software security, can solve problems such as high overhead, inconvenient deployment, inability to use, etc., and achieve the effects of low overhead, increased difficulty, and strong compatibility

Active Publication Date: 2020-04-17
WUHAN UNIV
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These two methods can mitigate execution-based memory leak attacks to a certain extent, but most of them cannot be used in actual industrialized scenarios due to problems such as high overhead and inconvenient deployment.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for resisting memory leak based on LLVM
  • System and method for resisting memory leak based on LLVM
  • System and method for resisting memory leak based on LLVM

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] In order to facilitate those skilled in the art to understand and implement the present invention, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the implementation examples described here are only used to illustrate and explain the present invention, not to limit the present invention.

[0038] The technical scheme of the present invention proposes that the memory leak attack is alleviated through the LLVM-based code honeypot method and the LLVM-based data honeypot method. Defend against memory leak attacks based on code and data pointers by inserting code and data honeypots at compile time. LLVM is a framework system for framework compilers. The present invention can be realized in a computer.

[0039] The embodiment of the present invention proposes a method for resisting memory leaks based on LLVM, including:

[0040] Code honeypot step: used to alleviate ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a system and a method for resisting memory leak based on an LLVM. The system comprises a code honeypot device and a data honeypot device, the code honeypot device is used for resisting a memory leak attack based on a code pointer; the method comprises the following steps: compiling an LLVM source file into IR layer codes; identifying a cross-function transfer instruction, aninsertion condition judgment instruction and a real end pointing to the jump instruction in the code, then creating a copy of a function or code fragment pointed by the jump instruction, creating a honeypot jump instruction pointing to the copy at a condition judgment false end, and finally transferring the copy to a monitored or non-executable honeypot area; the data honeypot device is used foridentifying instructions easy to cause code position leakage, including a return address instruction of a program, a function pointer generation instruction, a virtual function pointer generation instruction and an exception handling pointer generation instruction, and inserting a corresponding honeypot function or code generation instruction. According to the system, the memory leakage attack ofpointer leakage based on codes and data can be resisted.

Description

technical field [0001] The invention belongs to the field of computer software security, and relates to a technical solution for resisting memory leaks based on LLVM. Background technique [0002] The attack and defense of code reuse attacks is one of the important research directions of software security. The code reuse attack completes the attack by reusing the code already in the program and hijacking the control flow to the target reusing code. The current randomization method increases the entropy value of the target program, and the attacker cannot directly construct an attack based on the target fragment position obtained by offline analysis. Therefore, the attacker uses memory leaks to obtain the real code location after randomization, so as to correct the location of the fragment or directly search for the fragment in memory. [0003] Some classic methods use memory leaks to locate gadgets to assist code reuse attacks. JIT-ROP uses the memory information leakage ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55
CPCG06F21/554
Inventor 傅建明金睿
Owner WUHAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap