prevent kernel return-oriented programming attacks using hardware virtualization

ISCAS OpenIR

	prevent kernel return-oriented programming attacks using hardware virtualization
	Tian Shuo; He Yeping; Ding Baozeng
	2012
会议名称	8th International Conference on Information Security Practice and Experience, ISPEC 2012
会议录名称	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
页码	289-300
会议日期	April 9, 2012 - April 12, 2012
会议地点	Hangzhou, China
收录类别	EI
ISSN	0302-9743
ISBN	9783642291005
部门归属	(1) Institution of Software Chinese Academy of Sciences China; (2) Graduate University of Chinese Academy of Sciences China
摘要	ROP attack introduced briefly in this paper is a serious threat to compute systems. Kernel ROP attack is great challenge to existing defenses because attackers have system privilege, little prerequisite to mount attacks, and the disability of existing countermeasures against runtime attacks. A method preventing kernel return-oriented programming attack is proposed, which creates a separated secret address space for control data taking advantage of VMM architecture. The secret address space is implemented as a shadow stack on the same host with the target OS facilited by hardware virtualization techniques. The experience result shows the performance overhead in our implementation is about 10% and acceptable in practical. © 2012 Springer-Verlag.; ROP attack introduced briefly in this paper is a serious threat to compute systems. Kernel ROP attack is great challenge to existing defenses because attackers have system privilege, little prerequisite to mount attacks, and the disability of existing countermeasures against runtime attacks. A method preventing kernel return-oriented programming attack is proposed, which creates a separated secret address space for control data taking advantage of VMM architecture. The secret address space is implemented as a shadow stack on the same host with the target OS facilited by hardware virtualization techniques. The experience result shows the performance overhead in our implementation is about 10% and acceptable in practical. © 2012 Springer-Verlag.
关键词	Security Of Data Security Systems
语种	英语
内容类型	会议论文
URI标识	http://ir.iscas.ac.cn/handle/311060/15730
专题	中国科学院软件研究所
推荐引用方式 GB/T 7714	Tian Shuo,He Yeping,Ding Baozeng. prevent kernel return-oriented programming attacks using hardware virtualization[C],2012:289-300.