
Control flow integrity protection method and device

A control flow integrity protection technology, applied in the computer field. It addresses the problems that indirect transfer destination addresses are not distinguished, that attackers are left a large attack space, and that performance overhead is large, and it achieves reliable control flow integrity protection without affecting performance, with small hardware overhead.

Active Publication Date: 2020-11-06
INST OF INFORMATION ENG CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

Current software-based CFI technology introduces a huge performance overhead; for example, the original CFI has a maximum overhead of 45%.
However, the CFI technology currently applied in practice is generally coarse-grained CFI, which does not distinguish between the destination addresses of indirect transfers.
This still leaves attackers a lot of room to attack.


Embodiment Construction

[0037] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments are a part of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0038] Consider a code reuse attack. For example, an attacker can deterministically execute the instruction jmp RAX, which is an indirect jump instruction. If the attacker can control the value of RAX, he can hijack the control flow to jump to an instruction sequence at an arbitrary address. If the next instruction sequence also ends with another indirect bran...


Abstract

The embodiment of the invention provides a control flow integrity protection method and device. The method comprises the steps of obtaining a control flow graph of the program to be protected and determining all indirect branch instructions and their corresponding legal target addresses; inserting a NOP instruction carrying label information in front of each legal target address; pointing the jump target address of the corresponding indirect branch instruction to the address where the NOP instruction is located; and determining the label information according to the address where the indirect branch instruction is located. When the indirect branch instruction is executed, the instruction after the jump is executed only after the label information in the NOP instruction has been verified to be consistent with the source address of the indirect branch instruction. Because a NOP instruction with label information is inserted in front of each legal target address, the legal target addresses of different indirect transfers can be distinguished, and fine-grained control flow integrity protection is achieved. The invention is realized through the NOP instruction, so the hardware overhead is small, performance is not affected, and compatibility is better.
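The labelled-NOP check described in the abstract, as an added example in C that is not code from the patent: a toy instruction memory in which the label is assumed to equal the address of the indirect branch, and the names `protect_edge`, `checked_branch` and `build_sample` are hypothetical. A jump to a marked landing point that belongs to a different branch is rejected, which is the distinction coarse-grained CFI does not make.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
/* Toy model, constructed for illustration: one array slot per instruction. */
enum op { OP_OTHER, OP_LABEL_NOP, OP_INDIRECT_JMP };
struct insn { enum op op; uint32_t label; };  /* label used only by OP_LABEL_NOP */
#define CFI_VIOLATION UINT32_MAX

/* Assumption: the label is simply the address of the indirect branch. */
static uint32_t label_for(uint32_t branch_addr) { return branch_addr; }

/* Instrumentation step: put a labelled NOP in the slot in front of a legal
 * target and return the NOP's address, which becomes the new jump target. */
static uint32_t protect_edge(struct insn *mem, uint32_t branch_addr, uint32_t nop_slot)
{
    mem[nop_slot].op = OP_LABEL_NOP;
    mem[nop_slot].label = label_for(branch_addr);
    return nop_slot;
}

/* Run-time check performed when the indirect branch at `src` jumps to `dst`.
 * Returns the address of the instruction to execute next, or CFI_VIOLATION. */
static uint32_t checked_branch(const struct insn *mem, size_t n, uint32_t src, uint32_t dst)
{
    if (src >= n || dst >= n || mem[src].op != OP_INDIRECT_JMP)
        return CFI_VIOLATION;
    if (mem[dst].op != OP_LABEL_NOP)              /* not a marked landing point */
        return CFI_VIOLATION;
    if (mem[dst].label != label_for(src))         /* marked, but for another branch */
        return CFI_VIOLATION;
    return dst + 1 < n ? dst + 1 : CFI_VIOLATION; /* fall through the NOP */
}

/* Constructed sample: branches at 1 and 2; legal edges 1 -> 5 and 2 -> 8. */
static void build_sample(struct insn mem[10])
{
    for (size_t i = 0; i < 10; i++) mem[i] = (struct insn){ OP_OTHER, 0 };
    mem[1].op = OP_INDIRECT_JMP;
    mem[2].op = OP_INDIRECT_JMP;
    protect_edge(mem, 1, 4);   /* NOP at 4 guards the target at 5 */
    protect_edge(mem, 2, 7);   /* NOP at 7 guards the target at 8 */
}

int main(void)
{
    struct insn mem[10];
    build_sample(mem);
    printf("1->4: %u  2->4: %u\n", (unsigned)checked_branch(mem, 10, 1, 4),
           (unsigned)checked_branch(mem, 10, 2, 4));
    return 0;
}
```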

Description

Technical field

[0001] The invention relates to the field of computers, in particular to a control flow integrity protection method and device.

Background technique

[0002] A memory vulnerability is a temporal or spatial design error that the programmer makes in operating on memory while writing software, and it may cause the program to perform behaviors that violate the design of the program itself. Attackers can construct various attacks and execute malicious behaviors by exploiting the program's memory vulnerabilities.

[0003] Since the von Neumann architecture stores instructions as data in memory for execution, early attackers would inject malicious code into memory as data, and then hijack the control flow to execute the injected malicious code. For example, for an indirect branch instruction jmp rax, if an attacker controls the value of the rax register through a memory vulnerability, then the jump target of the indirect branch instruction can point to the injected malicious code ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/52
CPC: G06F21/52
Inventor: 陈李维佘才睿李锦峰史岗孟丹
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI