CN106022166A - Code reuse attack defense system and method - Google Patents
Code reuse attack defense system and method Download PDFInfo
- Publication number
- CN106022166A CN106022166A CN201610388347.7A CN201610388347A CN106022166A CN 106022166 A CN106022166 A CN 106022166A CN 201610388347 A CN201610388347 A CN 201610388347A CN 106022166 A CN106022166 A CN 106022166A
- Authority
- CN
- China
- Prior art keywords
- instruction
- key
- cpu
- encrypting
- destination address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Storage Device Security (AREA)
- Executing Machine-Instructions (AREA)
Abstract
The invention provides a code reuse attack defense system and method. The method comprises a high-speed cache (Cache), a Memory, a CPU and a lightweight linear encryption architecture LEA; the lightweight linear encryption architecture LEA comprises a silicon PUF module, an encryption and decryption unit (EDU), an KEY_CFI register and an LEN_CFI register. According to the code reuse attack defense system and method, a code reuse attack is effectively resisted at an extremely low performance cost on the basis of a linear encryption structure of a physical unclonable function, an additional processing and extending instruction set is not needed, and the code reuse attack defense system and method are obvious in effect on an ROP attack in the main attack mode of constructing a ret instruction chain and a JOP attack in the attack mode of constructing an indirect jump instruction chain. A PUF generation secret key is used, and encryption and decryption operations are conducted on an instruction in the memory according to the length of the secret key and encryption length. According to the defense system, an LEA is used for linear encryption and decryption, the processor instruction set does not need to be changed, the silicon PUF module does not need a high-expense mechanism for correcting errors, and the expense is significantly reduced, the secret key generated by the silicon PUF module cannot be cloned and can be subjected to dynamic updating, and the safety is significantly improved.
Description
Technical field
The invention belongs to technical field of software security, specifically a kind of code reuse attack defending system and method.
Background technology
Along with the high speed development of information technology, the function of all kinds of softwares obtains extreme enrichment, brings to the live and work of people
The biggest facility, meanwhile software security problem emerges in an endless stream, and has had a strong impact on the safety of computer, pacifies the data of user
Full composition threatens greatly.Traditional attack technology arrives needing the code injection performed based on code injection attack, this technology
In one section of region of memory, calling program is made to perform the code injected by Overflow Vulnerability.This technology can be by such as W X etc.
Software safety mechanism is successfully defendd, and emerging code reuse is attacked then can easily walk around these traditional defense mechanisms.
Code reuse attack utilizes original code constructs among program to go out utilizable code snippet, and (code snippet is by some remittances
Compiling instruction composition, each code snippet can realize different functions, such as, writes the value specified to fixing depositor),
By being combined by the code snippet realizing difference in functionality, assailant can construct the code realized with the equal function of malicious code
Perform sequence.Attack use due to code reuse to be hacked the existing code of program and be combined structure, without any extra
Code so that defence becomes the most difficult.Existing popular code reuse is attacked according to structure code snippet (gadgets)
Ending difference be divided into Return-oriented Program (ROP) attack and Jump-oriented Program (JOP) attack.
ROP attacks and mainly ends up for gadgets with ret, and it is complete that this attack has proven to figure spirit.JOP attacks then with indirectly
Jump instruction is as ending.Famous Fructus Mali pumilae escape from prison software evasiOn be then code reuse attack Typical Representative, this software utilize
Multiple leak, constructs ROP gadgets, has successfully walked around the security mechanism of Fructus Mali pumilae, taken highest weight limit.Therefore, generation
It is very harmful that code multiplexing is attacked, and how defending code reuse to attack is Current software security fields key issues urgently to be resolved hurrily.
In recent years, research worker is attacked for code reuse and is proposed a lot of defence method, and more ripe has shadow stack means of defence,
Ret frequency detecting scheme, code randomized technique etc..But it is on the defensive owing to these schemes are all based on the form of software, property
Energy expense is very big, makes them be difficult to be applied in the system of reality.
Summary of the invention
The present invention is directed to the problems referred to above that existing defense technique exists, it is provided that a kind of code reuse attack defending system and method, base
Linear encryption structure in the unclonable function of physics is effective against code reuse with extremely low performance cost and attacks, it is not necessary to volume
Outer software processes and expansion instruction set.
In order to achieve the above object, concrete technical scheme of the present invention is as follows:
A kind of code reuse attack defending system, including cache Cache, internal memory Memory;
Also include:
CPU: carry out call instruction, indirect jump instruction, the identification of ret instruction, storage instruction and present position thereof;Program quilt
Send instruction at indirect jump instruction destination address to lightweight linear encryption framework LEA when being loaded in internal memory Memory to enter
Row encryption;When performing call instruction, forward the return address that call instructs to lightweight linear encryption framework LEA and be encrypted,
When performing ret instruction, forward the return address that ret instructs to lightweight linear encryption framework LEA and be decrypted, perform indirectly to jump
To redirect when turning instruction to instruct at destination address and send lightweight linear encryption framework LEA to and be decrypted;
Lightweight linear encryption framework LEA (Linear Encryption Architecture, LEA): produce the key of encrypting and decrypting
Key, storage key key and length len thereof;Program encrypts indirect jump instruction destination address when being loaded into internal memory Memory
Place's instruction, is decrypted instruction at its destination address when CPU identifies indirect jump instruction, when CPU identifies call instruction
Encrypting its return address, its return address is deciphered when identifying ret instruction by CPU.
Described lightweight linear encryption framework LEA includes: silicon PUF module, encrypting and decrypting unit EDU, KEY_CFI deposit
Device, LEN_CFI depositor;
Silicon PUF module: producing key key and length len thereof of encrypting and decrypting, the key key of encrypting and decrypting is stored in KEY_CFI
In depositor, length len of key key is stored in LEN_CFI depositor;
Encrypting and decrypting unit EDU is used for key key and length len thereof of the encrypting and decrypting according to the generation of silicon PUF module, to call
Instruction return address encryption, to ret instruction return address deciphering, indirect jump instruction is redirected instruct at destination address into
Row encryption and deciphering.
Length len of the key key of described encrypting and decrypting arrange rule for from l to the length, indirectly less than all return addresses
The random number of the minimum length value redirected at destination address in the length of instruction.
A kind of method that described code reuse attack defending system carries out code reuse attack defending, including:
A), when program is opened, CPU calls silicon PUF module and produces the key key of encrypting and decrypting and be respectively stored in KEY_CFI
In depositor, rule is set according to length and produces length len and be stored in Len_CFI depositor;
B) during program is loaded into internal memory Memory, CPU search all indirect jump instructions redirect destination address;
C) CPU sends the instruction at destination address that redirects found to encrypting and decrypting unit EDU;
D) these instructions are encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and encrypted result returns
To CPU;
E) these encrypted result are returned to internal memory Memory by CPU;
F) in program process, internal memory Memory sends the instruction in program to cache Cache in real time, and CPU takes
Go out the instruction in cache Cache, when the instruction taken out is call instruction, jump to g), when the instruction taken out is ret
During instruction, jump to i), when the instruction taken out is indirect jump instruction, jump to m), when program finishes execution then exits;
G) destination address that call instructs is sent to encrypting and decrypting unit EDU;
H) destination address that call instruction is corresponding is encrypted by encrypting and decrypting unit EDU according to key key and length len thereof,
And the destination address after encryption is sent in stack;
I) the former destination address that CPU instructs according to call redirects the program of continuing executing with, and jumps to step f);
I) destination address that ret instructs is sent to encrypting and decrypting unit EDU;
K) ret instruction is decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by the mesh after deciphering
Address be sent in CPU;
L) CPU redirects according to the destination address after deciphering, jumps to step f);
M) when going at destination address instruction and being loaded into CPU, the content in the IR depositor of CPU is sent to encryption
Decryption unit EDU;
N) these instructions are decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by decrypted result
Return to the IR depositor of CPU;
O) CPU continues executing with according to the instruction after the internal deciphering of IR depositor, jumps to f).
Beneficial effect:
Present invention linear encryption structure based on the unclonable function of physics is efficiently resisted code reuse with extremely low performance cost and is attacked
Hit, it is not necessary to extra software processes and expansion instruction set.The present invention solve code reuse attack missile defense, for
Structure ret command chain is that the ROP of primary challenge mode attacks and attacks with the structure indirect jump instruction chain JOP as attack pattern
Hit effect fairly obvious.
The generation volatibility response instant for use PUF (Physical Unclonable Function, PUF) of novelty of the present invention comes
It is encrypted deciphering, responds irregular regenerating, improve safety.By operationally encrypting and deciphering return address
Mode resist ROP attack, by compiling time encrypt the finger of certain byte at the destination address corresponding to indirect jump instruction
Make and go to resist JOP attack with the mode of the corresponding instruction of deciphering when running.LEA uses the unclonable key that PUF produces.
This key is unique for each system.
The present invention uses PUF to generate key, is then encrypted according to the length of key and encryption, decryption oprerations.Owing to this is prevented
Imperial system uses the linear encryption and decryption of LEA, it is not necessary to change processor instruction set and the silicon PUF module error correction machine without high expense
System, so expense significantly reduces.Simultaneously because the key that silicon PUF module produces can dynamically update, so safety significantly improves.
Accompanying drawing explanation
Fig. 1 is the example that call-ret instruction is implemented the inventive method, and (a) is initial protion instruction, and (b) is original stack space
Content, (c) is that new portion instructs (identical with (a)), and (d) is stack space content after amendment;
Fig. 2 is the catenation principle figure of code reuse attack defending system in the specific embodiment of the invention;
Fig. 3 is the schematic diagram of the simplification of encrypting and decrypting unit EDU in the specific embodiment of the invention;
Fig. 4 is the restructural PUF structural principle based on ring oscillator producing upgradeable key in the specific embodiment of the invention
Figure;
Fig. 5 is specific embodiment of the invention translating indirect jump instruction example;
Fig. 6 is code reuse attack defense method flow chart in the specific embodiment of the invention.
Detailed description of the invention
Below in conjunction with the accompanying drawings the detailed description of the invention of the present invention is elaborated.
A kind of code reuse attack defending system, as in figure 2 it is shown, include:
CPU: carry out call instruction, indirect jump instruction, the identification of ret instruction, storage instruction and present position thereof;Program quilt
Redirect instruction at destination address and send LEA by corresponding for indirect jump instruction to and be encrypted when being loaded in internal memory Memory;
When performing call instruction, forward the return address that call instructs to LEA and be encrypted, when performing ret instruction, ret is instructed
Return address forwards LEA to and is decrypted, and will redirect at destination address instruction and send LEA to and carry out when performing indirect jump instruction
Deciphering.
CPU is provided with the location of instruction depositor IP for storing present instruction present position, for storing the instruction of present instruction
The conventional modules such as depositor IR, Decode, Access Memory, Execute, Commit, for realizing in present embodiment
Call instruction, indirect jump instruction, the identification of ret instruction, CPU revises instruction identification module Fetch Instruction.
Cache Cache: for CPU and the intermediate layer of internal memory Memory, the program that real-time reception internal memory Memory transmits
In instruction, LEA transmit encrypted result, decrypted result.
Internal memory Memory: program is loaded in internal memory Memory, in addition to normal storage program is run, additionally it is possible to hand over LEA
Mutually.
Lightweight linear encryption framework LEA: produce the key key of encrypting and decrypting, storage key key and length len thereof;Program
Encrypt when being loaded into internal memory Memory and instruct, when CPU identifies indirect jump instruction at the destination address of indirect jump instruction
Being decrypted instruction at its destination address, its return address is encrypted when identifying call instruction by CPU, and CPU identifies ret
During instruction, its return address is deciphered.
Lightweight linear encryption framework LEA includes: silicon PUF module, encrypting and decrypting unit EDU, KEY_CFI depositor,
LEN_CFI depositor;Encrypting and decrypting unit EDU is in KEY_CFI depositor, LEN_CFI depositor, silicon PUF module
Lower collaborative work.
As in figure 2 it is shown, 1. instruction at the indirect jump instruction destination address after encryption is returned to internal memory by encrypting and decrypting unit EDU
In Memory;2. instruction at the indirect jump instruction destination address after deciphering is returned to order register by encrypting and decrypting unit EDU
In device IR;3. the return address needing deciphering is sent to encrypting and decrypting unit EDU;4. encrypting and decrypting unit EDU will decipher
After return address send CPU to;5. encrypting and decrypting unit EDU sends the address of encryption to cache Cache.
Silicon PUF module;Produce key key and length len thereof of encrypting and decrypting, and be stored in KEY_CFI depositor, should
The length of key key is to be determined with the length limitation redirecting encryption by call-return, and length len of key key is stored in
In LEN_CFI depositor.Encrypting and decrypting unit EDU uses the key key encryption being stored in KEY_CFI depositor to conciliate
Close.
Silicon PUF module is used to have a following advantage in LEA:
(1) high security.Because PUF is renewable and unclonable, assailant is difficult to obtain and forge what PUF produced
Response.
(2) lightweight.In view of the length of key is less and without error correction, uses PUF to generate key and carries out linear encryption deciphering,
Significantly reduce in performance and resource overhead than conventional cryptography deciphering module.
PUF is to utilize process variation (Process Variation) to produce unclonable key (response), on each chip
PUF is unique.And, when program starts to perform, the PUF model on LEA is only used to generate key,
Thus can ignore its impact in performance.
In present embodiment, length len of key key arranges rule for less than the length of all return addresses, indirectly redirect purpose
Minimum length value in the length of instruction at address.Random value between 1 to this minimum length value, as encrypting and decrypting length
Len, keeps this encrypting and decrypting length len at program run duration, then recalculates when program restarts.As shown in Figure 5
Example in, it is assumed that the instruction of the shortest length of all indirect jump instruction destination addresses is shown in Fig. 5 (a), and jmp ecx is corresponding
The length value 8 of 48 8B 4F 08, then rule is set according to length, encrypting and decrypting length len should be 1 to this minimum length
Value 8 between random value, this example takes 6, obtain shown in Fig. 5 (b) to jmp ecx corresponding indirectly redirect destination address
Front 6*4 bit be encrypted.
Key key has a three below feature:
(1) random;
(2) chip is unique;
(3) unclonable.
(4) easily updated.
Updating plan according to set in advance, more new capital of any key is triggered by CPU.Encryption solution in present embodiment
Close key key is the response that silicon PUF module produces, and one of sharpest edges of this key key (response) are need not have
Linear encryption structure based on PUF in high stability, i.e. present embodiment has broken the response of PUF must stable this
Restrictive condition, is uniquely not rely on typical case's application that PUF response is stable in the application of current PUF.
In present embodiment, silicon PUF module can use restructural PUF structure based on ring oscillator generation dynamically can not
The response of clone.Restructural PUF structure based on ring oscillator as shown in Figure 4, is one and comprises n rank ring oscillator
PUF.Ring oscillator is can be with the ball bearing made of certain frequency vibration, due to the impact of process variation He other uncertain factor,
Cause the difference on the frequency between ring oscillator can not be predicted.This restructural PUF structure based on ring oscillator is by comparing
Difference on the frequency between two ring oscillators produces logical zero and logic 1 exports.Each ring oscillator in Fig. 4 has n
The selection end of 2 × 1 MUX and each MUX can change delay circulation.Reconfigurable ring oscillator PUF energy
Produce more reliable PUF response.
In restructural PUF structure based on ring oscillator, encourage C=(C1, C2..., Ci..., Cn), wherein Ci
Equal to 0 or 1, and determine that signal is to enter the i-th rank along top or bottom path.Different delay loop configuration numbers isWherein j ∈ N (integer);So that postpone circulation to form vibration, k is necessary for even number.The frequency of ring oscillator
Rate rank is determined by k, and k is the biggest, and frequency is the lowest.To the same k, the frequency-splitting of two ring oscillators is by postponing joining of circulation
Put decision.Determine by random process variation in order to ensure the difference of frequency between ring oscillator, the annular in dotted line frame in Fig. 4
Agitator must the same and k size also must as.Therefore, C and k can change the exciter response behavior of PUF structure from
And produce different PUF responses.
Encrypting and decrypting unit EDU is used for key key and length len thereof of the encrypting and decrypting according to the generation of silicon PUF module, to call
Instruction return address encryption, to ret instruction return address deciphering, indirect jump instruction is redirected instruct at destination address into
Row encryption and deciphering.
Being illustrated in figure 3 an encrypting and decrypting unit EDU simplified, wherein block arrow is burst data, and thin arrow is signal.
Encrypting and decrypting unit EDU is controlled it from different by tetra-signal sources of CallFlag, RetFlag, LoadFlag, JmpFlag
Input collects data, and wherein CallFlag, RetFlag coordinate with Return Address, LoadFlag, JmpFlag with
Instruction matches.When groups of data transmit, encrypting and decrypting unit EDU use encrypting and decrypting key key and
Len_CFI carries out xor operation to it, and the result after XOR returns to correspondence position.
Encrypting and decrypting unit EDU performs linear encryption and decryption operation, and formula is as follows:
A=E XOR K
Wherein, E for treating encryption and decryption data, i.e. return address or indirectly instruct at jump target addresses, K represents encrypting and decrypting
Key key, is stored in KEY_CFI depositor.EDU judges the length of encryption according to LEN_CFI value.By E XOR
K carries out linear encryption and deciphering to data.
Following four-stage needs to use this XOR encrypting and decrypting to operate:
(1) before CPU execution one call instruction, return address store stack, the return address of call instruction is transferred to add
Being encrypted in close decryption unit EDU, the address of encryption will be pressed in stack.
(2) when CPU performs a ret instruction, encrypting and decrypting unit EDU takes out encryption address from stack and is decrypted,
Then address passing to location of instruction depositor IP to realize correct return, program returns to the address of deciphering and continues executing with.
(3) when program is loaded in internal memory Memory, corresponding for indirect jump instruction redirecting is referred at destination address by CPU
Order sends encrypting and decrypting unit EDU to and is encrypted.
(4) when CPU perform an indirect jump instruction time, encrypting and decrypting unit EDU will redirect at destination address instruct in
The instruction of encryption is decrypted.
Fig. 1 (a)~(d) illustrate the example that call-ret instruction uses the present invention.For normal CPU architecture,
After one call instruction execution terminates, CPU is by return address 004095FCH press-in stack.When using the present invention, encryption solves
Close unit EDU uses key key to be encrypted by 004095FCH, then in the address 0E5423FEh press-in stack after encryption.
The process utilizing the system of the present invention that call-ret instruction is performed encryption and decryption is as follows:
(1) when cache Cache call instructed bar give CPU time, CPU identifies call instruction, is instructed by call
Destination address send encrypting and decrypting unit EDU to;
(2) encrypting and decrypting unit EDU according in KEY_CFI depositor by silicon PUF module produce key key and
These call instruction is encrypted by encrypting and decrypting length len in LEN_CFI depositor, and is sent in stack by encryption address;
(3) CPU redirects according to former destination address and continues executing with;
(4) when cache Cache ret instructed bar give CPU time, CPU identifies ret instruction, is instructed by ret
Destination address sends encrypting and decrypting unit EDU to;
(5) encrypting and decrypting unit EDU according in KEY_CFI depositor by silicon PUF module produce key key and
Ret instruction is decrypted by encrypting and decrypting length len in LEN_CFI depositor, and is sent in CPU deciphering address;
(6) CPU redirects according to address after deciphering and continues executing with.
When program is loaded into internal memory Memory by the target jump address corresponding to indirect jump instruction instruction a length of
The byte of len is encrypted.When performing an indirect jump instruction, by the key key from KEY_CFI depositor to mesh
Address at the instruction of a length of len be decrypted.Encrypting and decrypting unit EDU is deposited into instruction the result after deciphering afterwards
In depositor IR.
Fig. 5 is the example of indirect jump instruction, it is assumed that encrypting and decrypting length len in LEN_CFI depositor is 6, jumps to
The target instruction target word of the address in ecx depositor is 004095f6h.When program is loaded into internal memory Memory, CPU is by purpose
First three byte of instruction i.e. (2*3*4 bit) encryption at address.
When code is loaded in internal memory Memory, by all possible destination address of all indirect jump instruction in code
Place's instruction passes to encrypting and decrypting unit EDU;Encrypting and decrypting unit EDU according to the key key in KEY_CFI depositor with
And these instructions are encrypted by encrypting and decrypting length len in LEN_CFI depositor;When cache Cache will be jumped indirectly
Turning instruction when giving CPU, CPU identifies this instruction, when at destination address, instruction is loaded into CPU, by command register
Content in IR sends encrypting and decrypting unit EDU to;Encrypting and decrypting unit EDU is according to the key in KEY_CFI depositor
These instructions are decrypted by encrypting and decrypting length len in key and LEN_CFI depositor, and are returned to by decrypted result
Command register IR;CPU continues executing with according to command register IR built-in command.
A kind of code reuse attack defense method, as shown in Figure 6, including:
A), when program is opened, CPU calls silicon PUF module and produces the key key of encrypting and decrypting and be respectively stored in KEY_CFI
In depositor, rule is set according to length and produces length len and be stored in Len_CFI depositor;
B) during program is loaded into internal memory Memory, CPU search all indirect jump instructions redirect destination address;
C) CPU sends the instruction at destination address that redirects found to encrypting and decrypting unit EDU;
D) these instructions are encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and encrypted result returns
To CPU;
E) these encrypted result are returned to internal memory Memory by CPU;
F) in program process, internal memory Memory sends the instruction in program to cache Cache in real time, and CPU takes
Go out the instruction in cache Cache, when the instruction taken out is call instruction, jump to g), when the instruction taken out is ret
During instruction, jump to i), when the instruction taken out is indirect jump instruction, jump to m), when program finishes execution then exits;
G) destination address that call instructs is sent to encrypting and decrypting unit EDU;
H) destination address that call instruction is corresponding is encrypted by encrypting and decrypting unit EDU according to key key and length len thereof,
And the destination address after encryption is sent in stack;
I) the former destination address that CPU instructs according to call redirects the program of continuing executing with, and jumps to step f);
I) destination address that ret instructs is sent to encrypting and decrypting unit EDU;
K) ret instruction is decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by the mesh after deciphering
Address be sent in CPU;
L) CPU redirects according to the destination address after deciphering, jumps to step f);
M) when going at destination address instruction and being loaded into CPU, the content in the IR depositor of CPU is sent to encryption
Decryption unit EDU;
N) these instructions are decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by decrypted result
Return to the IR depositor of CPU;
O) CPU continues executing with according to the instruction after the internal deciphering of IR depositor, jumps to f).
Claims (4)
1. a code reuse attack defending system, including cache Cache, internal memory Memory, it is characterised in that also include:
CPU: carry out call instruction, indirect jump instruction, the identification of ret instruction, storage instruction and present position thereof;Redirect instruction at destination address and send lightweight linear encryption framework LEA by corresponding for indirect jump instruction to and be encrypted when program is loaded in internal memory Memory;When performing call instruction, forward the return address that call instructs to lightweight linear encryption framework LEA be encrypted, when performing ret instruction, the return address that ret instructs is forwarded to lightweight linear encryption framework LEA is decrypted, will redirect when performing indirect jump instruction to instruct at destination address and send lightweight linear encryption framework LEA to and be decrypted;
Lightweight linear encryption deciphering framework LEA: produce the key key of encrypting and decrypting, storage key key and length len thereof;Program is encrypted when being loaded into internal memory Memory and is instructed at the destination address of indirect jump instruction, when CPU identifies indirect jump instruction, instruction at its destination address is decrypted, its return address is encrypted when identifying call instruction by CPU, and its return address is deciphered when identifying ret instruction by CPU.
Code reuse attack defending system the most according to claim 1, it is characterised in that described lightweight linear encryption framework LEA includes: silicon PUF module, encrypting and decrypting unit EDU, KEY_CFI depositor, LEN_CFI depositor;
Silicon PUF module: producing key key and length len thereof of encrypting and decrypting, the key key of encrypting and decrypting is stored in KEY_CFI depositor, and length len of key key is stored in LEN_CFI depositor;
Encrypting and decrypting unit EDU for the key key of encrypting and decrypting produced according to silicon PUF module and length len thereof, the return address encryption to call instruction, the return address deciphering to ret instruction, redirects instruction at destination address and encrypts and decrypts indirect jump instruction.
Code reuse attack defending system the most according to claim 1 and 2, it is characterized in that, length len of the key key of described encrypting and decrypting arrange rule for from 1 to less than the length of all return addresses, the random number of minimum length value that indirectly redirects at destination address in the length of instruction.
4. the method that the code reuse attack defending system that a kind utilizes described in claim 2 carries out code reuse attack defending, it is characterised in that including:
A) when program is opened, CPU calls silicon PUF module and produces the key key of encrypting and decrypting and be respectively stored in KEY_CFI depositor, arranges rule according to length and produces length len and be stored in Len_CFI depositor;
B) during program is loaded into internal memory Memory, CPU search all indirect jump instructions redirect destination address;
C) CPU sends the instruction at destination address that redirects found to encrypting and decrypting unit EDU;
D) these instructions are encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and encrypted result returns to CPU;
E) these encrypted result are returned to internal memory Memory by CPU;
F) in program process, internal memory Memory sends the instruction in program to cache Cache in real time, CPU takes out the instruction in cache Cache, when the instruction taken out is call instruction, jump to g), when the instruction taken out is ret instruction, jump to j), when the instruction taken out is indirect jump instruction, jump to m), when program finishes execution then exits;
G) destination address that call instructs is sent to encrypting and decrypting unit EDU;
H) destination address that call instruction is corresponding is encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and is sent in stack by the destination address after encryption;
I) the former destination address that CPU instructs according to call redirects the program of continuing executing with, and jumps to step f);
J) destination address that ret instructs is sent to encrypting and decrypting unit EDU;
K) ret instruction is decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and is sent in CPU by the destination address after deciphering;
L) CPU redirects according to the destination address after deciphering, jumps to step f);
M) when going at destination address instruction and being loaded into CPU to, the content in the IR depositor of CPU is sent encrypting and decrypting unit EDU;
N) these instructions are decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and decrypted result returns to the IR depositor of CPU;
O) CPU continues executing with according to the instruction after the internal deciphering of IR depositor, jumps to f).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610388347.7A CN106022166B (en) | 2016-06-02 | 2016-06-02 | A kind of code reuse attack defending system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610388347.7A CN106022166B (en) | 2016-06-02 | 2016-06-02 | A kind of code reuse attack defending system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106022166A true CN106022166A (en) | 2016-10-12 |
CN106022166B CN106022166B (en) | 2018-10-23 |
Family
ID=57090345
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610388347.7A Expired - Fee Related CN106022166B (en) | 2016-06-02 | 2016-06-02 | A kind of code reuse attack defending system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106022166B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107506644A (en) * | 2017-08-16 | 2017-12-22 | 南京大学 | The method for security protection that implicit constant threatens in dynamic generation code |
CN108090346A (en) * | 2017-12-04 | 2018-05-29 | 华中科技大学 | A kind of code reuse attack defense method and system based on data stream monitoring |
CN109495488A (en) * | 2018-11-27 | 2019-03-19 | 杭州安恒信息技术股份有限公司 | A kind of safety defense method and system based on Cookie encryption |
WO2021000847A1 (en) * | 2019-07-01 | 2021-01-07 | 华为技术有限公司 | Processor and return address processing method |
CN112332973A (en) * | 2020-10-23 | 2021-02-05 | 南京理工大学 | Fine-grained Internet of things equipment control flow protection method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102393890A (en) * | 2011-10-09 | 2012-03-28 | 广州大学 | Crypto chip system for resisting physical invasion and side-channel attack and implementation method thereof |
CN102662830A (en) * | 2012-03-20 | 2012-09-12 | 湖南大学 | Code reuse attack detection system based on dynamic binary translation framework |
US20130044874A1 (en) * | 2011-08-17 | 2013-02-21 | Bruce Murray | Cryptographic circuit and method therefor |
CN103229451A (en) * | 2010-11-30 | 2013-07-31 | 英特尔公司 | Method and apparatus for key provisioning of hardware devices |
CN104200180A (en) * | 2014-07-17 | 2014-12-10 | 南京航空航天大学 | Physical unclonable function based on reconfigurable ring oscillators and generation method of physical unclonable function based on reconfigurable ring oscillators |
-
2016
- 2016-06-02 CN CN201610388347.7A patent/CN106022166B/en not_active Expired - Fee Related
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103229451A (en) * | 2010-11-30 | 2013-07-31 | 英特尔公司 | Method and apparatus for key provisioning of hardware devices |
US20130044874A1 (en) * | 2011-08-17 | 2013-02-21 | Bruce Murray | Cryptographic circuit and method therefor |
CN102393890A (en) * | 2011-10-09 | 2012-03-28 | 广州大学 | Crypto chip system for resisting physical invasion and side-channel attack and implementation method thereof |
CN102662830A (en) * | 2012-03-20 | 2012-09-12 | 湖南大学 | Code reuse attack detection system based on dynamic binary translation framework |
CN104200180A (en) * | 2014-07-17 | 2014-12-10 | 南京航空航天大学 | Physical unclonable function based on reconfigurable ring oscillators and generation method of physical unclonable function based on reconfigurable ring oscillators |
Non-Patent Citations (2)
Title |
---|
余智豪 等: "《物联网安全技术》", 30 April 2016 * |
陈林博 等: ""利用返回地址保护机制防御代码复用类攻击"", 《计算机科学》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107506644A (en) * | 2017-08-16 | 2017-12-22 | 南京大学 | The method for security protection that implicit constant threatens in dynamic generation code |
CN108090346A (en) * | 2017-12-04 | 2018-05-29 | 华中科技大学 | A kind of code reuse attack defense method and system based on data stream monitoring |
CN108090346B (en) * | 2017-12-04 | 2020-06-02 | 华中科技大学 | Code multiplexing attack defense method and system based on data flow monitoring |
CN109495488A (en) * | 2018-11-27 | 2019-03-19 | 杭州安恒信息技术股份有限公司 | A kind of safety defense method and system based on Cookie encryption |
WO2021000847A1 (en) * | 2019-07-01 | 2021-01-07 | 华为技术有限公司 | Processor and return address processing method |
CN112332973A (en) * | 2020-10-23 | 2021-02-05 | 南京理工大学 | Fine-grained Internet of things equipment control flow protection method |
CN112332973B (en) * | 2020-10-23 | 2022-06-24 | 南京理工大学 | Fine-grained Internet of things equipment control flow protection method |
Also Published As
Publication number | Publication date |
---|---|
CN106022166B (en) | 2018-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106022166A (en) | Code reuse attack defense system and method | |
Zhang et al. | HCIC: Hardware-assisted control-flow integrity checking | |
CN102138300B (en) | Message authentication code pre-computation with applications to secure memory | |
Henecka et al. | Faster secure two-party computation with less memory | |
Zhuang et al. | A new ultralightweight RFID protocol for low-cost tags: R 2 AP | |
US8699703B2 (en) | System and method for pseudo-random polymorphic tree construction | |
Goldstein et al. | Preventing DNN model IP theft via hardware obfuscation | |
Tople et al. | {PRO-ORAM}: Practical {Read-Only} Oblivious {RAM} | |
Sepúlveda et al. | Efficient and flexible NoC-based group communication for secure MPSoCs | |
Dai et al. | Trustzone-based secure lightweight wallet for hyperledger fabric | |
Li et al. | A control flow integrity checking technique based on hardware support | |
Wu et al. | Exploring dynamic task loading in SGX-based distributed computing | |
Johnson et al. | An FPGA architecture for the recovery of WPA/WPA2 keys | |
Yang et al. | MEG: memory and energy efficient garbled circuit evaluation on smartphones | |
Xu et al. | Privacy preserving large scale DNA read-mapping in MapReduce framework using FPGAs | |
US20200210626A1 (en) | Secure branch predictor with context-specific learned instruction target address encryption | |
Anand et al. | An ultra-high throughput AES-based authenticated encryption scheme for 6G: Design and implementation | |
EP2674892B1 (en) | A method, a device and a computer program support for execution of encrypted computer code | |
Moataz et al. | Chf-oram: a constant communication oram without homomorphic encryption | |
Simplicio Jr et al. | The Lyra2 reference guide | |
Lipton et al. | Provably secure virus detection: Using the observer effect against malware | |
Faz-Hernández et al. | SoK: A performance evaluation of cryptographic instruction sets on modern architectures | |
Wolf et al. | Securing network processors with high-performance hardware monitors | |
Irza et al. | A third generation many-core processor for secure embedded computing systems | |
Hussain et al. | A low performance-overhead ORAM design for processor system with un-trusted off-chip memory |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20181023 |