Institutional Repository
| HyperCrop: A Hypervisor-Based Countermeasure for Return Oriented Programming | |
| Jun Jiang; Xiaoqi Jia; Dengguo Feng; Shengzhi Zhang; Peng Liu | |
| 2011-11 | |
| 会议名称 | International Conference on Information and Communications Security |
| 会议录名称 | Lecture Notes in Computer Science, 2011, Volume 7043/2011 (Proceedings of the 13th International Conference on Information and Communications Security) |
| 会议日期 | 2011/11/23-2011/11/26 |
| 会议地点 | Friendship Hotel, Haidian District, Beijing, China |
| 收录类别 | CPCI(ISTP) ; EI |
| 合作性质 | 国际 |
| 出版地 | Berlin Heidelberg |
| 出版者 | Springer-Verlag |
| ISSN | 0302-9743 |
| ISBN | 978-3-642-25242-6 |
| 摘要 | Return oriented programming (ROP) has recently caught great attention of both academia and industry. It reuses existing binary code instead of injecting its own code and is able to perform arbitrary computation due to its Turing-completeness. Hence, It can successfully bypass state-of-the-art code integrity mechanisms such as NICKLE and SecVisor. In this paper, we present HyperCrop, a hypervisor-based approach to counter such attacks. Since ROP attackers extract short instruction sequences ending in ret called “gadgets” and craft stack content to “chain” these gadgets together, our method recognizes that the key characteristics of ROP is to fill the stack with plenty of addresses that are within the range of libraries (e.g. libc). Accordingly, we inspect the content of the stack to see if a potential ROP attack exists. We have implemented a proof-of-concept system based on the open source Xen hypervisor. The evaluation results exhibit that our solution is effective and efficient. |
| 关键词 | Return Oriented Programming Hypervisor-based Security Hardware Assisted Virtualization |
| 学科领域 | 数据安全与计算机安全 ; 计算机系统设计 ; 操作系统与操作环境 ; 程序设计及其语言 ; 编译系统 ; 软件工程 |
| URL | 查看原文 |
| 语种 | 英语 |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/14506 |
| 专题 | 信息安全国家重点实验室 |
| 推荐引用方式 GB/T 7714 | Jun Jiang,Xiaoqi Jia,Dengguo Feng,et al. HyperCrop: A Hypervisor-Based Countermeasure for Return Oriented Programming[C]. Berlin Heidelberg:Springer-Verlag,2011. |
| 条目包含的文件 | ||||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| fulltext.pdf(280KB) | 开放获取 | 使用许可 | 请求全文 | |||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论