Kernel code pointer integrity protection method based on ARM pointer verification

An integrity protection and pointer technology, applied in program/content distribution protection, digital data protection, instruments, etc. It can solve problems such as the inability to automatically identify data pointers, and achieves the effect of reducing performance overhead and saving time.

Active Publication Date: 2020-12-18
ZHEJIANG UNIV

AI Technical Summary

Problems solved by technology

Unfortunately, PARTS cannot automatically identify sensitive data pointers, and can only protect user-mode programs.



Embodiment Construction

[0031] In order to make the purpose, technical solution and advantages of the present application clearer, the technical solution of the present application will be clearly and completely described below in conjunction with specific embodiments of the present application and corresponding drawings. Apparently, the described embodiments are only some of the embodiments of the present application, rather than all the embodiments. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0032] Figure 1 is a flowchart of a method for protecting the integrity of kernel code pointers based on ARM pointer verification, provided by an embodiment of the present invention. The method provided in this embodiment uses a pointer verification code to All sensiti...


Abstract

The invention discloses a kernel code pointer integrity protection method based on ARM pointer verification. Integrity protection is provided for all sensitive pointers in a kernel through pointer verification codes. The method comprises the following steps: (1) locating all sensitive pointers in the kernel code; (2) inserting pointer verification instructions so that a pointer verification code is generated and embedded before a sensitive pointer is written into memory, and the pointer verification code is checked after the sensitive pointer is read from memory; and (3) modifying the kernel startup code to initialize the pointer verification feature at the early stage of startup, and then initializing the pointer verification codes of the global sensitive pointers. The method protects the integrity of the kernel's control flow, prevents an attacker from indirectly tampering with a code pointer by tampering with a data pointer, and comprehensively protects the integrity of code pointers in the kernel.
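Steps (2) and (3) of the abstract, modelled in portable C as an added example (not code from the patent or its authors). A real kernel would use the ARMv8.3 pointer authentication instructions; here `toy_pac`, the 16-bit tag placed in bits 48 to 63, the per-slot modifier, the key and the addresses are all constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#define VA_BITS 48
#define VA_MASK ((1ULL << VA_BITS) - 1)

static uint64_t pa_key; /* models a PA key register, written once in early boot */
/* Toy 16-bit keyed tag over (pointer, modifier): a stand-in for the hardware
 * PAC computation. NOT cryptographic; linear so the values are easy to check. */
static uint64_t toy_pac(uint64_t ptr, uint64_t modifier) {
    uint64_t v = (ptr ^ modifier ^ pa_key) & VA_MASK;
    return (v ^ (v >> 16) ^ (v >> 32)) & 0xFFFF;
}

/* Step (2a): sign just before a sensitive pointer is written to memory. */
uint64_t pa_sign(uint64_t ptr, uint64_t modifier) {
    return (ptr & VA_MASK) | (toy_pac(ptr, modifier) << VA_BITS);
}

/* Step (2b): authenticate just after the load. Returns the stripped pointer,
 * or 0 on mismatch (models the fault a failed authentication leads to). */
uint64_t pa_auth(uint64_t stored, uint64_t modifier) {
    uint64_t ptr = stored & VA_MASK;
    return (stored >> VA_BITS) == toy_pac(ptr, modifier) ? ptr : 0;
}

/* Constructed "kernel memory": global sensitive pointers whose static
 * initialisers exist before any key does, so they start without a PAC. */
enum { SLOT_OPEN, SLOT_READ, NSLOTS };
uint64_t ops_table[NSLOTS] = { 0x10081000ULL, 0x10082000ULL };

/* Assumed modifier: binds a signed value to the slot it was stored in. */
static uint64_t slot_modifier(int i) { return 0x100 + 8ULL * (uint64_t)i; }
void store_ptr(int i, uint64_t p) { ops_table[i] = pa_sign(p, slot_modifier(i)); }
uint64_t load_ptr(int i) { return pa_auth(ops_table[i], slot_modifier(i)); }

/* Step (3): set the key early in boot, then sign the pre-initialised globals. */
void pa_init(uint64_t key) { pa_key = key & VA_MASK; }
void sign_globals(void) { for (int i = 0; i < NSLOTS; i++) store_ptr(i, ops_table[i]); }

int main(void) {
    pa_init(0x5A5AC3C31234ULL); /* constructed key */
    sign_globals();
    printf("open: %#llx\n", (unsigned long long)load_ptr(SLOT_OPEN));
    ops_table[SLOT_READ] ^= 0x40; /* constructed corruption of the address bits */
    printf("read after corruption: %#llx\n", (unsigned long long)load_ptr(SLOT_READ));
    return 0;
}
```

A global that is loaded through the authenticated path before `sign_globals` runs fails the check, which is why step (3) signs the statically initialised pointers right after the key is set.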

Description

Technical field

[0001] The invention relates to the field of computer system security, in particular to a method for protecting kernel code pointer integrity (Code Pointer Integrity, CPI) based on ARM pointer authentication (Pointer Authentication, PA).

Background technique

[0002] The operating system is the basis of the operation of the computer system, and any security issue in it directly endangers the overall security of the system. In recent years, attacks against operating systems have emerged one after another, such as the Stuxnet virus in 2010 and the WannaCry worm-style ransomware from 2017 to 2019. According to the evolution of attack methods, attacks on the operating system are mainly divided into three categories: code injection attacks, code reuse attacks, and non-control-data attacks. At the same time, operating system security has been greatly improved in the continuous confrontation between attackers and defenders. With the large-scale deployment of ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/64, G06F21/12
CPC: G06F21/64, G06F21/125
Inventor: 杨昱天, 朱凇伯, 申文博, 周亚金, 任奎, 王文海
Owner: ZHEJIANG UNIV