| Defending return-oriented programming based on virtualization techniques | |
| Xiaoqi Jia; Rui Wang; Jun Jiang; Shengzhi Zhang; Peng Liu | |
| 2013-10 | |
| 发表期刊 | Security and Communication Networks
 |
| 卷号 | Volume 6期号:Issue 10页码:1236-1249 |
| 摘要 | Over the past few years, return-oriented programming (ROP) has drawn great attention of both academia and industry. Because of its Turing completeness, ROP reuses short instruction sequences already present in the victim program's address space to perform arbitrary computation. Hence, it can successfully bypass state-of-the-art code integrity check mechanisms. In this paper, we look into using virtualization technologies to defeat return-oriented programming. We design and implement HyperCropII, a virtualization-based automatic runtime approach to defend such attacks. ROP attackers extract short instruction sequences ending in ret called "gadgets" and craft stack content to "chain" these gadgets together. We observe that a key characteristic of ROP is to fill the stack with plenty of addresses that are within the range of the program's libraries. Accordingly, we inspect the content of the stack to see if a potential ROP attack exists and quarantine the damages for further security purposes. We have implemented a proof-of-concept system based on the open source Xen hypervisor. The evaluation results exhibit that our solution is effective and efficient. |
| 收录类别 | SCI ; EI |
| 合作性质 | 国际 |
| 关键词 | Return-oriented Programming Hypervisor-based Security Hardware-assisted Virtualization |
| 学科领域 | 数据安全与计算机安全 ; 计算机系统设计 ; 操作系统与操作环境 ; 程序设计及其语言 ; 编译系统 |
| 语种 | 英语 |
| WOS记录号 | WOS:000325110400005 |
| 引用统计 | |
| 内容类型 | 期刊论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/14768 |
| 专题 | 信息安全国家重点实验室 |
| 推荐引用方式 GB/T 7714 | Xiaoqi Jia,Rui Wang,Jun Jiang,et al. Defending return-oriented programming based on virtualization techniques[J]. Security and Communication Networks,2013,Volume 6(Issue 10):1236-1249. |
| APA | Xiaoqi Jia,Rui Wang,Jun Jiang,Shengzhi Zhang,&Peng Liu.(2013).Defending return-oriented programming based on virtualization techniques.Security and Communication Networks,Volume 6(Issue 10),1236-1249. |
| MLA | Xiaoqi Jia,et al."Defending return-oriented programming based on virtualization techniques".Security and Communication Networks Volume 6.Issue 10(2013):1236-1249. |
| 条目包含的文件 | ||||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| bj01271972.pdf(1483KB) | 开放获取 | 使用许可 | 请求全文 | |||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论