A Code Reuse Attack Protection Technique Based on Code Anti-Leakage

Wang Ye; Li Qingbao; Zeng Guangyu; Chen Zhifeng

doi:10.7544/issn1000-1239.2016.20160423

Journal of Computer Research and Development > 2016 > 53(10): 2277-2287. > DOI: 10.7544/issn1000-1239.2016.20160423

Wang Ye, Li Qingbao, Zeng Guangyu, Chen Zhifeng. A Code Reuse Attack Protection Technique Based on Code Anti-Leakage[J]. Journal of Computer Research and Development, 2016, 53(10): 2277-2287. DOI: 10.7544/issn1000-1239.2016.20160423

Citation:

PDF (2404 KB)

A Code Reuse Attack Protection Technique Based on Code Anti-Leakage

(PLA Information Engineering University, Zhengzhou 450001) (State Key Laboratory of Mathematical Engineering and Advanced Computing (PLA Information Engineering University), Zhengzhou 450001)

More Information

Published Date: September 30, 2016

Graphical Abstract

Abstract

Abstract

As the address space layout randomization (ASLR) is widely deployed on operating systems, traditional code reuse attacks are suppressed. New code reuse attacks analyze program memory layout through information leak to bypass ASLR, which causes a serious threat to the safety of programs. By analyzing the nature of traditional code reuse attacks and new code reuse attacks, we propose a code reuse attack protection technique VXnR based on code anti-leakage. In this method, we set Execute-no-Read (XnR) permission for the code pages of the target process so that code can be properly executed by the processor, but a read operation is controlled according to the content in the physical page to be accessed, which can prevent attackers from maliciously reading code pages of process to search gadgets by using the information disclosure vulnerability, and defense both traditional code reuse attacks and new code reuse attacks. We have developed a prototype of VXnR and implemented it in a virtual machine monitor Bitvisor. We also evaluate the effectiveness and performance overhead of our approach by comprehensive experiments. The experimental results show that VXnR can effectively prevent attackers from exploiting executable code of the target process to launch code reuse attacks with less than 52.1% overhead.
- address space layout randomization (ASLR),
- code reuse attack,
- program security,
- information leaks,
- virtualization

FullText(HTML)

References (0)

[1]	Liu Runtao, Liang Jianchuang. Reverse Nearest Neighbor Query Based on New Index Structure[J]. Journal of Computer Research and Development, 2020, 57(6): 1335-1346. DOI: 10.7544/issn1000-1239.2020.20190470
[2]	Li Song, Dou Yanan, Hao Xiaohong, Zhang Liping, Hao Zhongxiao. The Method of the K-Dominant Space Skyline Query in Road Network[J]. Journal of Computer Research and Development, 2020, 57(1): 227-239. DOI: 10.7544/issn1000-1239.2020.20190026
[3]	Li Song, Zhang Liping, Hao Zhongxiao. Strong Neighborhood Pair Query in Dynamic Dataset[J]. Journal of Computer Research and Development, 2015, 52(3): 749-759. DOI: 10.7544/issn1000-1239.2015.20131390
[4]	Yang Zexue, Hao Zhongxiao. Group Obstacle Nearest Neighbor Query in Spatial Database[J]. Journal of Computer Research and Development, 2013, 50(11): 2455-2462.
[5]	Liu Junling, Yu Ge, Sun Huanliang. Topic-relevant Region Queries in Spatial Database[J]. Journal of Computer Research and Development, 2012, 49(10): 2171-2180.
[6]	Wang Jinbao, Gao Hong, Li Jianzhong, Yang Donghua. An Index Supporting Spatial Approximate Keyword Search on Disks[J]. Journal of Computer Research and Development, 2012, 49(10): 2142-2152.
[7]	Liu Runtao, Hao Zhongxiao. Fast Algorithm of Nearest Neighbor Query for Line Segments of Spatial Database[J]. Journal of Computer Research and Development, 2011, 48(12): 2379-2384.
[8]	Liao Haojun, Han Jizhong, Fang Jinyun. All-Nearest-Neighbor Queries Processing in Spatial Databases[J]. Journal of Computer Research and Development, 2011, 48(1): 86-93.
[9]	Liu Runtao, Hao Zhongxiao. A Multi-Order Based Index Structure for Spatial Data—MOIS-tree[J]. Journal of Computer Research and Development, 2010, 47(5): 849-857.
[10]	Hao Zhongxiao, Wang Yudong, He Yunbin. Line Segment Nearest Neighbor Query of Spatial Database[J]. Journal of Computer Research and Development, 2008, 45(9): 1539-1545.