Computer Science, 2023, Vol. 50, Issue (8): 314-320. doi: 10.11896/jsjkx.220800098

• Information Security •

Compiler-supported Program Stack Space Layout Runtime Randomization Method

ZHU Pengzhe1, YAO Yuan2, LIU Zijing1, XI Ruicheng1   

  1 College of Cyber and Space Security College, Information Engineering University, Zhengzhou 450001, China
  2 Purple Mountain Lab of Network Communications and Security, Nanjing 211100, China
  • Received: 2022-08-10 Revised: 2023-02-13 Online: 2023-08-15 Published: 2023-08-02
  • About author: ZHU Pengzhe, born in 2000, postgraduate. His main research interests include compiler technology and multi-variant execution.
    YAO Yuan, born in 1972, Ph.D, professor. His main research interests include parallel compilation and mimic defense.

Abstract: Multi-variant execution (MVX) is one of the most popular active defense technologies. MVX identifies attack behavior by running a set of functionally equivalent heterogeneous variants in parallel and detecting inconsistent state transitions between the variants. The defense effect of MVX depends to a large extent on the heterogeneity between program variants: generally, the higher the heterogeneity, the better the defense effect. To improve the heterogeneity between program variants, this paper proposes a compiler-supported, dynamic and static program stack space layout randomization method. The method is based on the LLVM 12.0 compilation framework. At the static compile stage, the method identifies the key variables in the program based on external input acquisition functions, locates their stack space allocation instructions, and adds additional call and allocation instructions before these allocation instructions. At program runtime, the method uses the instructions added during static compilation to randomly fill memory blocks before the key variables in stack space, realizing runtime randomization of the program's memory space layout. Simulation experiment results indicate that the proposed dynamic and static program stack space layout randomization method can effectively improve the heterogeneity between MVX programs. For attacks based on program memory address overflow, the method not only increases the difficulty of the attack itself, but also makes it impossible to conduct attacks by constantly testing program addresses, effectively improving the defense ability of the program.
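The runtime effect described in the abstract can be modelled by hand in C. This is an added example, not code from the paper or its LLVM pass: the helper name `rand_pad_size`, the 16 to 1024 byte padding range, and the use of `alloca` for both the padding and the key buffer are assumptions made for illustration.

```c
#include <alloca.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical runtime helper standing in for the function that the
 * compiler-inserted call would reach; name and size range are assumptions. */
static size_t rand_pad_size(void) {
    unsigned int r = 0;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(&r, sizeof r, 1, f) != 1)
        abort();                              /* fail closed: never run unpadded */
    fclose(f);
    return 16 + (size_t)(r % 64) * 16;        /* 16..1024 bytes, 16-byte steps */
}

/* Hand-written model of an instrumented function. Returns the distance from a
 * fixed frame slot to the key buffer, which changes with the padding size. */
__attribute__((noinline))
static intptr_t handle_input(const char *input) {
    volatile char anchor = 0;                 /* fixed slot used as reference */
    size_t n = rand_pad_size();               /* inserted call */
    volatile char *pad = alloca(n);           /* inserted allocation */
    pad[0] = 0;                               /* keep the padding live */
    char *key = alloca(64);                   /* key variable: holds external input */
    strncpy(key, input, 63);
    key[63] = '\0';
    return (intptr_t)(uintptr_t)&anchor - (intptr_t)(uintptr_t)key;
}

/* Calls the function up to 64 times and counts distinct buffer offsets. */
static int distinct_offsets(int runs) {
    intptr_t seen[64];
    int count = 0;
    for (int i = 0; i < runs && i < 64; i++) {
        intptr_t off = handle_input("constructed sample input");
        int dup = 0;
        for (int j = 0; j < count; j++)
            if (seen[j] == off) dup = 1;
        if (!dup) seen[count++] = off;
    }
    return count;
}

int main(void) {
    printf("distinct key-buffer offsets in 32 calls: %d\n", distinct_offsets(32));
    return 0;
}
```

Because the padding is drawn again on every call, the key buffer's position relative to the rest of the frame differs between calls within a single process, not only between process starts.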

Key words: Cyber security, Active defense, Compiler, Multi-variant execution, Randomization

CLC Number: TP311