
A Code Reuse Attack Protection Technique Based on Code Anti-Leakage

Wang Ye, Li Qingbao, Zeng Guangyu, Chen Zhifeng

Citation: Wang Ye, Li Qingbao, Zeng Guangyu, Chen Zhifeng. A Code Reuse Attack Protection Technique Based on Code Anti-Leakage[J]. Journal of Computer Research and Development, 2016, 53(10): 2277-2287. DOI: 10.7544/issn1000-1239.2016.20160423
Citation: Wang Ye, Li Qingbao, Zeng Guangyu, Chen Zhifeng. A Code Reuse Attack Protection Technique Based on Code Anti-Leakage[J]. Journal of Computer Research and Development, 2016, 53(10): 2277-2287. CSTR: 32373.14.issn1000-1239.2016.20160423


Funding: This work was supported by the National Social Science Foundation of China (15AGJ012) and the National Science and Technology Major Projects of Hegaoji (2013JH00103).
Details
  • CLC number: TP303; TP309


  • Abstract: With address space layout randomization (ASLR) widely deployed in operating systems, traditional code reuse attacks have been largely suppressed. Newer code reuse attacks, however, use information leaks to analyze a program's memory layout and bypass ASLR, which poses a serious threat to program security. By analyzing the nature of both traditional and new code reuse attacks, we propose VXnR, a code reuse attack protection technique based on code anti-leakage, and implement a prototype on the Bitvisor virtual machine monitor. VXnR sets Execute-no-Read (XnR) permission on the code pages of the target process, so that the processor can execute the code normally, while each read operation is subject to access control according to the content stored in the physical page being read. This prevents attackers from exploiting information disclosure vulnerabilities to maliciously read the process's code pages in search of gadgets. We evaluate the effectiveness and performance overhead of the approach through comprehensive experiments. The experimental results show that VXnR defends against both traditional and new code reuse attacks, with less than 52.1% overhead.
Publication history
  • Published: 2016-09-30
