中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 信息安全国家重点实验室  > 会议论文
Subject: 计算机科学技术基础学科::数据安全与计算机安全 ; 计算机系统结构::计算机系统设计 ; 计算机软件::操作系统与操作环境 ; 计算机软件::程序设计及其语言 ; 计算机软件::编译系统 ; 计算机软件::软件工程
Title:
HyperCrop: A Hypervisor-Based Countermeasure for Return Oriented Programming
Author: Jun Jiang ; Xiaoqi Jia ; Dengguo Feng ; Shengzhi Zhang ; Peng Liu
Source: Lecture Notes in Computer Science, 2011, Volume 7043/2011 (Proceedings of the 13th International Conference on Information and Communications Security)
Conference Name: International Conference on Information and Communications Security
Conference Date: 2011/11/23-2011/11/26
Issued Date: 2011-11
Conference Place: Friendship Hotel, Haidian District, Beijing, China
Keyword: Return oriented programming ; Hypervisor-based security ; Hardware assisted virtualization
Related URLs: 查看原文
Publisher: Springer-Verlag
Publish Place: Berlin Heidelberg
Indexed Type: CPCI(ISTP) ; EI
Cooperation Status: 国际
ISSN: 0302-9743
ISBN: 978-3-642-25242-6
Abstract:
Return oriented programming (ROP) has recently caught great attention of both academia and industry. It reuses existing binary code instead of injecting its own code and is able to perform arbitrary computation due to its Turing-completeness. Hence, It can successfully bypass state-of-the-art code integrity mechanisms such as NICKLE and SecVisor. In this paper, we present HyperCrop, a hypervisor-based approach to counter such attacks. Since ROP attackers extract short instruction sequences ending in ret called “gadgets” and craft stack content to “chain” these gadgets together, our method recognizes that the key characteristics of ROP is to fill the stack with plenty of addresses that are within the range of libraries (e.g. libc). Accordingly, we inspect the content of the stack to see if a potential ROP attack exists. We have implemented a proof-of-concept system based on the open source Xen hypervisor. The evaluation results exhibit that our solution is effective and efficient.
Language: 英语
Content Type: 会议论文
URI: http://ir.iscas.ac.cn/handle/311060/14506
Appears in Collections:信息安全国家重点实验室_会议论文

Files in This Item:
File Name/ File Size Content Type Version Access License
fulltext.pdf(280KB)----限制开放 联系获取全文

Recommended Citation:
Jun Jiang,Xiaoqi Jia,Dengguo Feng,et al. HyperCrop: A Hypervisor-Based Countermeasure for Return Oriented Programming[C]. 见:International Conference on Information and Communications Security. Friendship Hotel, Haidian District, Beijing, China. 2011/11/23-2011/11/26.http://link.springer.com/chapter/10.1007%2F978-3-642-25243-3_29.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Jun Jiang]'s Articles
[Xiaoqi Jia]'s Articles
[Dengguo Feng]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Jun Jiang]‘s Articles
[Xiaoqi Jia]‘s Articles
[Dengguo Feng]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace