Protecting Programs Based on Randomizing the Encapsulated Structure

Chen Ping, Xing Xiao, Xin Zhi, Wang Yi, Mao Bing, and Xie Li

Journal of Computer Research and Development > 2011 > 48(12): 2227-2234.

Chen Ping, Xing Xiao, Xin Zhi, Wang Yi, Mao Bing, and Xie Li. Protecting Programs Based on Randomizing the Encapsulated Structure[J]. Journal of Computer Research and Development, 2011, 48(12): 2227-2234.

Citation:

PDF (1292 KB)

Protecting Programs Based on Randomizing the Encapsulated Structure

Chen Ping, Xing Xiao, Xin Zhi, Wang Yi, Mao Bing, and Xie Li

(State Key Laboratory for Novel Software Technology (Nanjing University), Nanjing 210093) (Department of Computer Science and Technology, Nanjing University, Nanjing 210093)

More Information

Published Date: December 14, 2011

Graphical Abstract

Abstract

Abstract

Randomization method is widely applied into practice for protecting the program from attacks. There are two limitations in existing randomization techniques. One is that they are coarse-grained, as such they may fail to defend the attacks caused by maliciously fabricating the inner variable in function/struct/class. Another limitation is that existing randomization techniques ignore the fact that majority of the attacks leverage the input data to fabricate the sensitive data objects. In this paper, a fine-grained randomization method is proposed to protect programs based on an enhanced safety structure. These techniques will reorder the encapsulated structure (function, struct, class) layout. In addition, this method extracts input-related array and separates the array by inserting the guard between them. The randomization approach not only applies the randomization techniques into function/struct/class to foil a number of attacks, but also extracts the input-related array and inserts the guard to prevent them from being maliciously crafted. As an enhancement to existing randomization techniques, this method is able to protect the programs from both control-flow attacks and non-control-flow attacks. This technique has been implemented in the open source compiler GCC, and the experimental results show that the approach can effectively detect the real world attacks and has low performance overhead.
- computer security,
- software security,
- software vulnerability,
- encapsulated structure,
- randomization

FullText(HTML)

References (0)

[1]	Wang Hanzhi, Yi Lu, Wei Zhewei, Gan Junhao, Yuan Ye, Wen Jirong, Du Xiaoyong. Random-Walk Probability Computation on Dynamic Weighted Graphs[J]. Journal of Computer Research and Development, 2024, 61(8): 1865-1881. DOI: 10.7544/issn1000-1239.202440148
[2]	Guan Xiaoqiang, Wang Wenjian, Pang Jifang, Meng Yinfeng. Space Transformation Based Random Forest Algorithm[J]. Journal of Computer Research and Development, 2021, 58(11): 2485-2499. DOI: 10.7544/issn1000-1239.2021.20200523
[3]	Ding Yong, Li Jiahui, Tang Shijie, Wang Huiyong. Template Protection of Speaker Recognition Based on Random Mapping Technology[J]. Journal of Computer Research and Development, 2020, 57(10): 2201-2208. DOI: 10.7544/issn1000-1239.2020.20200474
[4]	Wang Jieting, Qian Yuhua, Li Feijiang, Liu Guoqing. Support Vector Machine with Eliminating the Random Consistency[J]. Journal of Computer Research and Development, 2020, 57(8): 1581-1593. DOI: 10.7544/issn1000-1239.2020.20200127
[5]	Lü Yali, Wu Jiajie, Liang Jiye, Qian Yuhua. Random Search Learning Algorithm of BN Based on Super-Structure[J]. Journal of Computer Research and Development, 2017, 54(11): 2558-2566. DOI: 10.7544/issn1000-1239.2017.20160715
[6]	Gao Shujing, Qu Yingjie, Song Tingqiang. Pseudorandom Number Generators Based on One-Way Functions[J]. Journal of Computer Research and Development, 2015, 52(6): 1394-1399. DOI: 10.7544/issn1000-1239.2015.20131954
[7]	Xiong Gang, Ping Xijian, Zhang Tao, Li Kan. Steganalysis of LSB Matching Based on the Measurement of the Region Randomness[J]. Journal of Computer Research and Development, 2013, 50(5): 942-950.
[8]	Yue Daheng, Qi Shubo, Li Shaoqing, and Zhang Minxuan. A DPA Resistant Technology Based on Register Switching Time Randomization[J]. Journal of Computer Research and Development, 2012, 49(3): 491-498.
[9]	Ha Minghu, Tian Jingfeng, Zhang Zhiming. Structural Risk Minimization Principle Based on Complex Random Samples[J]. Journal of Computer Research and Development, 2009, 46(11): 1907-1916.
[10]	Fan Limin, Feng Dengguo, Zhou Yongbin. A Fuzzy-Based Randomness Evaluation Model for Block Cipher[J]. Journal of Computer Research and Development, 2008, 45(12): 2095-2101.