Code reuse attack defense method based on dynamic function loading

A code reuse and function technology, which is applied in the field of code reuse attack defense based on function dynamic loading, can solve problems such as leak attacks and memory that is easily cracked by brute force, and achieve the effect of performance overhead.

Active Publication Date: 2022-07-15
OCEAN UNIV OF CHINA
View PDF3 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the randomization of memory only reaches the page level, and the data in the page is still stored sequentially, which is easy to be cracked by violence; at the same time, ASLR will face the threat of memory leak attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Code reuse attack defense method based on dynamic function loading
  • Code reuse attack defense method based on dynamic function loading
  • Code reuse attack defense method based on dynamic function loading

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The following detailed description is exemplary and intended to provide further explanation of the present application. Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. It should be noted that the terminology used herein is for the purpose of describing specific embodiments only, and is not intended to limit the exemplary embodiments according to the present application.

[0027] The present invention provides a code reuse attack defense scheme based on function dynamic loading, and the method includes:

[0028] S1. Preprocess the binary executable file, identify the starting address and size of the function block, identify the segment information, define and identify the compliant address; classify it with the function of the gadget, and extract the machine code features of the corresponding type of gadget instruction, so as to Se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the field of software vulnerability defense, and particularly relates to a code reuse attack defense method based on dynamic function loading, which comprises the following steps: S1, preprocessing a binary executable file, identifying the initial address and size of a function block, identifying segment information, and defining and identifying a compliance address; the binary executable file is preprocessed, the initial address and size of a function block are recognized, segment information is recognized, and a compliance address is defined and recognized; the executable file is classified according to the function of the gadget, and machine code features of the corresponding type of the gadget instruction are extracted, so that the gadget in the executable file can be searched; s2, a function dynamic loading scheme for local control flow integrity is introduced; and S3, a dynamic function uninstalling scheme of the gadget semantics is introduced. The method has the advantages that the required functions are dynamically loaded when the program runs, part of the functions are unloaded in time to reduce the number of available gadgets in the memory space during running, and the gadgets in the program are prevented from being utilized.

Description

technical field [0001] The present application belongs to the field of software vulnerability defense, and in particular relates to a code reuse attack defense method based on function dynamic loading. Background technique [0002] Software vulnerabilities are widely used in offensive and defensive games as a strategic resource due to their high threat, difficult to defend, and ubiquitous characteristics. Among them, the buffer overflow vulnerability is one of the representatives, and it has always been the hardest hit by attackers. Specifically, the attacker obtains the control of an instruction pointer through the buffer overflow vulnerability, hijacks the control flow by connecting the code fragment of the program itself (usually called gadget), and changes the register state to achieve the purpose of the code reuse attack of the system call . The existing methods mainly include control flow integrity (CFI), memory layout randomization and software debloat technology. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/52G06F21/56
CPCG06F21/52G06F21/566
Inventor 曲海鹏宋晓琪吕文杰李建国
Owner OCEAN UNIV OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap