Buffer overflow attack defense method and device based on risc-v and canary mechanism

Abstract

The invention discloses a buffer overflow attack defense method and device based on RISC-V and Canary mechanism, comprising: after assigning content attribute to an abstract syntax tree of program source code, generating a node calling relationship graph G; generating special data Canary; Before the code statement corresponding to the content attribute of each call node and before the code statement corresponding to the content attribute of each return node, insert the RISC-V extension instruction for setting the special data Canary and the RISC-V extension instruction for checking the special data Canary; Execute the program source code, set the RISC‑V extension instruction of the special data Canary, write the special data Canary into the current stack frame, and check the RISC‑V extension instruction of the special data Canary to obtain the special data from the current stack frame through the value p of the special data Canary The comparison result of the value p' of the data Canary for defense. The invention comprehensively covers heap overflow, stack overflow, BSS overflow and other buffer overflow forms, can realize the soft and hard coordination of security defense, has less impact on system performance, and obtains better defense effect.

Description

technical field [0001] The invention belongs to the field of computer technology, and relates to a buffer overflow attack defense method and device based on RISC-V and Canary mechanism. Background technique [0002] With the development of the computer industry, computer software has become an indispensable part of production and life. Computer systems are widely used in all walks of life, including medical care, education, military, politics, and new retail. With the rapid development and popularization of computer systems, how to ensure the credibility of their behavior and protect them from malicious attacks has become an important issue of common concern in academia and industry. Buffer overflow attack is a common malicious attack method. It uses the lack of boundary checking and other mechanisms in source programs written in memory-unsafe languages ​​to break through the buffer capacity limit and overwrite data content in other areas, thereby destroying the correctness ...

AI Technical Summary

Problems solved by technology

However, this method is only applicable to stack overflow scenarios caused by the lack of necessary boundary checks in string processing, for other buffer overflow forms such as heap overflow, BSS (Block Started by Symbol, blocks starting with symbols) overflow, and other reasons overflow scenarios caused by the lack of equally effective protection

At the same time, this method requires an additional calculation process to construct the Canary word, which will also have a certain impact on the operating efficiency of the system.

[0005] In order to solve the problem that the buffer overflow attack defense method based on the Canary mechanism is limited in scope and difficult to implement, the present invention proposes an implementation scheme based on the RISC-V extended instruction set

Images