ROP chain detection method and device and medium

A detection method and data technology, which is applied in the direction of safety communication devices, digital transmission systems, electrical components, etc., can solve the problems of tediousness, long data to be detected, and inability to locate data packets, so as to simplify the detection process and save time and cost Effect

Active Publication Date: 2022-07-29
NAT UNIV OF DEFENSE TECH
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the existing ROP chain detection process, data packets need to be detected multiple times, and the data to be detected is long. The entire detection process is cumbersome, and the detection time and cost it takes is relatively long.
At the same time, the detection of the ROP chain can only know the presence of the ROP chain in the data packet, and cannot locate the location of the data packet, so that the detection work stays at detecting the occurrence of ROP attacks and cannot provide guarantee for follow-up work

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ROP chain detection method and device and medium
  • ROP chain detection method and device and medium
  • ROP chain detection method and device and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the protection scope of the present invention.

[0058] The core of the present invention is to provide a ROP chain detection method, device and medium, which saves time and cost, simplifies the detection process, and ensures the normal operation of subsequent flow data according to the location of the locating ROP chain.

[0059] In order to make those skilled in the art better understand the solution of the present invention, the present invention will be further described in detail below w...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The ROP chain detection method and device and the medium provided by the invention are suitable for the field of flow detection. Based on a composition rule of an ROP chain, the problem that to-be-detected flow data of a data packet needs to be detected and judged for multiple times in existing research is optimized, the number of times of detection and judgment is set according to a specific operating system digit, and the to-be-detected flow data is simplified to obtain first generation data; correspondingly dividing the plurality of pieces of first generation data into a plurality of pieces of second generation data according to a byte address division principle and a Gadget address space; and according to the sliding window, judging the plurality of pieces of second generation data to obtain corresponding sliding data. And when the sliding data meets the preset condition, the position of the target sequence which appears for the first time is output to correspond to the position of the first generation data so as to position the ROP chain position, so that the time cost is further saved, the detection process is simplified, and convenience can be provided for subsequent flow analysis work according to the positioned ROP chain position.

Description

technical field [0001] The invention relates to the field of flow detection, in particular to a detection method, device and medium of a ROP chain. Background technique [0002] For the operating system mitigation mechanism, there is a technology that uses code fragments in the program to control the execution flow of the program, which is called Return Oriented Programming (ROP). The attacker implements the ROP attack by calling the code in the program memory space multiple times, thereby successfully bypassing the protection mechanism and implementing arbitrary instruction execution. Using the instruction fragment (Gadget) ending with the ret instruction to construct a ROP chain is an important feature of the gadget in the ROP attack. Gadget is the basic unit of building a ROP chain. Depending on the code fragment, it can be combined to complete various tasks, such as loading values ​​into registers, storing, arithmetic and logic operations, etc. [0003] Since the ROP c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40
CPCH04L63/1416H04L63/1425
Inventor 王剑张梦杰黄恺杰刘星彤杨刚
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap