Institutional Repository
| prevent kernel return-oriented programming attacks using hardware virtualization | |
| Tian Shuo; He Yeping; Ding Baozeng | |
| 2012 | |
| Conference Name | 8th International Conference on Information Security Practice and Experience, ISPEC 2012 |
| Source | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Pages | 289-300 |
| Conference Date | April 9, 2012 - April 12, 2012 |
| Conference Place | Hangzhou, China |
| Indexed Type | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642291005 |
| Department | (1) Institution of Software Chinese Academy of Sciences China; (2) Graduate University of Chinese Academy of Sciences China |
| English Abstract | ROP attack introduced briefly in this paper is a serious threat to compute systems. Kernel ROP attack is great challenge to existing defenses because attackers have system privilege, little prerequisite to mount attacks, and the disability of existing countermeasures against runtime attacks. A method preventing kernel return-oriented programming attack is proposed, which creates a separated secret address space for control data taking advantage of VMM architecture. The secret address space is implemented as a shadow stack on the same host with the target OS facilited by hardware virtualization techniques. The experience result shows the performance overhead in our implementation is about 10% and acceptable in practical. © 2012 Springer-Verlag.; ROP attack introduced briefly in this paper is a serious threat to compute systems. Kernel ROP attack is great challenge to existing defenses because attackers have system privilege, little prerequisite to mount attacks, and the disability of existing countermeasures against runtime attacks. A method preventing kernel return-oriented programming attack is proposed, which creates a separated secret address space for control data taking advantage of VMM architecture. The secret address space is implemented as a shadow stack on the same host with the target OS facilited by hardware virtualization techniques. The experience result shows the performance overhead in our implementation is about 10% and acceptable in practical. © 2012 Springer-Verlag. |
| Keyword | Security Of Data Security Systems |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/15730 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Tian Shuo,He Yeping,Ding Baozeng. prevent kernel return-oriented programming attacks using hardware virtualization[C],2012:289-300. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment