CN106022166A - Code reuse attack defense system and method - Google Patents

Code reuse attack defense system and method Download PDF

Info

Publication number
CN106022166A
CN106022166A CN201610388347.7A CN201610388347A CN106022166A CN 106022166 A CN106022166 A CN 106022166A CN 201610388347 A CN201610388347 A CN 201610388347A CN 106022166 A CN106022166 A CN 106022166A
Authority
CN
China
Prior art keywords
instruction
key
cpu
encrypting
destination address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610388347.7A
Other languages
Chinese (zh)
Other versions
CN106022166B (en
Inventor
张吉良
吕勇强
金睿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Northeastern University China
Original Assignee
Northeastern University China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Northeastern University China filed Critical Northeastern University China
Priority to CN201610388347.7A priority Critical patent/CN106022166B/en
Publication of CN106022166A publication Critical patent/CN106022166A/en
Application granted granted Critical
Publication of CN106022166B publication Critical patent/CN106022166B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Executing Machine-Instructions (AREA)

Abstract

The invention provides a code reuse attack defense system and method. The method comprises a high-speed cache (Cache), a Memory, a CPU and a lightweight linear encryption architecture LEA; the lightweight linear encryption architecture LEA comprises a silicon PUF module, an encryption and decryption unit (EDU), an KEY_CFI register and an LEN_CFI register. According to the code reuse attack defense system and method, a code reuse attack is effectively resisted at an extremely low performance cost on the basis of a linear encryption structure of a physical unclonable function, an additional processing and extending instruction set is not needed, and the code reuse attack defense system and method are obvious in effect on an ROP attack in the main attack mode of constructing a ret instruction chain and a JOP attack in the attack mode of constructing an indirect jump instruction chain. A PUF generation secret key is used, and encryption and decryption operations are conducted on an instruction in the memory according to the length of the secret key and encryption length. According to the defense system, an LEA is used for linear encryption and decryption, the processor instruction set does not need to be changed, the silicon PUF module does not need a high-expense mechanism for correcting errors, and the expense is significantly reduced, the secret key generated by the silicon PUF module cannot be cloned and can be subjected to dynamic updating, and the safety is significantly improved.

Description

A kind of code reuse attack defending system and method
Technical field
The invention belongs to technical field of software security, specifically a kind of code reuse attack defending system and method.
Background technology
Along with the high speed development of information technology, the function of all kinds of softwares obtains extreme enrichment, brings to the live and work of people The biggest facility, meanwhile software security problem emerges in an endless stream, and has had a strong impact on the safety of computer, pacifies the data of user Full composition threatens greatly.Traditional attack technology arrives needing the code injection performed based on code injection attack, this technology In one section of region of memory, calling program is made to perform the code injected by Overflow Vulnerability.This technology can be by such as W X etc. Software safety mechanism is successfully defendd, and emerging code reuse is attacked then can easily walk around these traditional defense mechanisms.
Code reuse attack utilizes original code constructs among program to go out utilizable code snippet, and (code snippet is by some remittances Compiling instruction composition, each code snippet can realize different functions, such as, writes the value specified to fixing depositor), By being combined by the code snippet realizing difference in functionality, assailant can construct the code realized with the equal function of malicious code Perform sequence.Attack use due to code reuse to be hacked the existing code of program and be combined structure, without any extra Code so that defence becomes the most difficult.Existing popular code reuse is attacked according to structure code snippet (gadgets) Ending difference be divided into Return-oriented Program (ROP) attack and Jump-oriented Program (JOP) attack. ROP attacks and mainly ends up for gadgets with ret, and it is complete that this attack has proven to figure spirit.JOP attacks then with indirectly Jump instruction is as ending.Famous Fructus Mali pumilae escape from prison software evasiOn be then code reuse attack Typical Representative, this software utilize Multiple leak, constructs ROP gadgets, has successfully walked around the security mechanism of Fructus Mali pumilae, taken highest weight limit.Therefore, generation It is very harmful that code multiplexing is attacked, and how defending code reuse to attack is Current software security fields key issues urgently to be resolved hurrily.
In recent years, research worker is attacked for code reuse and is proposed a lot of defence method, and more ripe has shadow stack means of defence, Ret frequency detecting scheme, code randomized technique etc..But it is on the defensive owing to these schemes are all based on the form of software, property Energy expense is very big, makes them be difficult to be applied in the system of reality.
Summary of the invention
The present invention is directed to the problems referred to above that existing defense technique exists, it is provided that a kind of code reuse attack defending system and method, base Linear encryption structure in the unclonable function of physics is effective against code reuse with extremely low performance cost and attacks, it is not necessary to volume Outer software processes and expansion instruction set.
In order to achieve the above object, concrete technical scheme of the present invention is as follows:
A kind of code reuse attack defending system, including cache Cache, internal memory Memory;
Also include:
CPU: carry out call instruction, indirect jump instruction, the identification of ret instruction, storage instruction and present position thereof;Program quilt Send instruction at indirect jump instruction destination address to lightweight linear encryption framework LEA when being loaded in internal memory Memory to enter Row encryption;When performing call instruction, forward the return address that call instructs to lightweight linear encryption framework LEA and be encrypted, When performing ret instruction, forward the return address that ret instructs to lightweight linear encryption framework LEA and be decrypted, perform indirectly to jump To redirect when turning instruction to instruct at destination address and send lightweight linear encryption framework LEA to and be decrypted;
Lightweight linear encryption framework LEA (Linear Encryption Architecture, LEA): produce the key of encrypting and decrypting Key, storage key key and length len thereof;Program encrypts indirect jump instruction destination address when being loaded into internal memory Memory Place's instruction, is decrypted instruction at its destination address when CPU identifies indirect jump instruction, when CPU identifies call instruction Encrypting its return address, its return address is deciphered when identifying ret instruction by CPU.
Described lightweight linear encryption framework LEA includes: silicon PUF module, encrypting and decrypting unit EDU, KEY_CFI deposit Device, LEN_CFI depositor;
Silicon PUF module: producing key key and length len thereof of encrypting and decrypting, the key key of encrypting and decrypting is stored in KEY_CFI In depositor, length len of key key is stored in LEN_CFI depositor;
Encrypting and decrypting unit EDU is used for key key and length len thereof of the encrypting and decrypting according to the generation of silicon PUF module, to call Instruction return address encryption, to ret instruction return address deciphering, indirect jump instruction is redirected instruct at destination address into Row encryption and deciphering.
Length len of the key key of described encrypting and decrypting arrange rule for from l to the length, indirectly less than all return addresses The random number of the minimum length value redirected at destination address in the length of instruction.
A kind of method that described code reuse attack defending system carries out code reuse attack defending, including:
A), when program is opened, CPU calls silicon PUF module and produces the key key of encrypting and decrypting and be respectively stored in KEY_CFI In depositor, rule is set according to length and produces length len and be stored in Len_CFI depositor;
B) during program is loaded into internal memory Memory, CPU search all indirect jump instructions redirect destination address;
C) CPU sends the instruction at destination address that redirects found to encrypting and decrypting unit EDU;
D) these instructions are encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and encrypted result returns To CPU;
E) these encrypted result are returned to internal memory Memory by CPU;
F) in program process, internal memory Memory sends the instruction in program to cache Cache in real time, and CPU takes Go out the instruction in cache Cache, when the instruction taken out is call instruction, jump to g), when the instruction taken out is ret During instruction, jump to i), when the instruction taken out is indirect jump instruction, jump to m), when program finishes execution then exits;
G) destination address that call instructs is sent to encrypting and decrypting unit EDU;
H) destination address that call instruction is corresponding is encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, And the destination address after encryption is sent in stack;
I) the former destination address that CPU instructs according to call redirects the program of continuing executing with, and jumps to step f);
I) destination address that ret instructs is sent to encrypting and decrypting unit EDU;
K) ret instruction is decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by the mesh after deciphering Address be sent in CPU;
L) CPU redirects according to the destination address after deciphering, jumps to step f);
M) when going at destination address instruction and being loaded into CPU, the content in the IR depositor of CPU is sent to encryption Decryption unit EDU;
N) these instructions are decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by decrypted result Return to the IR depositor of CPU;
O) CPU continues executing with according to the instruction after the internal deciphering of IR depositor, jumps to f).
Beneficial effect:
Present invention linear encryption structure based on the unclonable function of physics is efficiently resisted code reuse with extremely low performance cost and is attacked Hit, it is not necessary to extra software processes and expansion instruction set.The present invention solve code reuse attack missile defense, for Structure ret command chain is that the ROP of primary challenge mode attacks and attacks with the structure indirect jump instruction chain JOP as attack pattern Hit effect fairly obvious.
The generation volatibility response instant for use PUF (Physical Unclonable Function, PUF) of novelty of the present invention comes It is encrypted deciphering, responds irregular regenerating, improve safety.By operationally encrypting and deciphering return address Mode resist ROP attack, by compiling time encrypt the finger of certain byte at the destination address corresponding to indirect jump instruction Make and go to resist JOP attack with the mode of the corresponding instruction of deciphering when running.LEA uses the unclonable key that PUF produces. This key is unique for each system.
The present invention uses PUF to generate key, is then encrypted according to the length of key and encryption, decryption oprerations.Owing to this is prevented Imperial system uses the linear encryption and decryption of LEA, it is not necessary to change processor instruction set and the silicon PUF module error correction machine without high expense System, so expense significantly reduces.Simultaneously because the key that silicon PUF module produces can dynamically update, so safety significantly improves.
Accompanying drawing explanation
Fig. 1 is the example that call-ret instruction is implemented the inventive method, and (a) is initial protion instruction, and (b) is original stack space Content, (c) is that new portion instructs (identical with (a)), and (d) is stack space content after amendment;
Fig. 2 is the catenation principle figure of code reuse attack defending system in the specific embodiment of the invention;
Fig. 3 is the schematic diagram of the simplification of encrypting and decrypting unit EDU in the specific embodiment of the invention;
Fig. 4 is the restructural PUF structural principle based on ring oscillator producing upgradeable key in the specific embodiment of the invention Figure;
Fig. 5 is specific embodiment of the invention translating indirect jump instruction example;
Fig. 6 is code reuse attack defense method flow chart in the specific embodiment of the invention.
Detailed description of the invention
Below in conjunction with the accompanying drawings the detailed description of the invention of the present invention is elaborated.
A kind of code reuse attack defending system, as in figure 2 it is shown, include:
CPU: carry out call instruction, indirect jump instruction, the identification of ret instruction, storage instruction and present position thereof;Program quilt Redirect instruction at destination address and send LEA by corresponding for indirect jump instruction to and be encrypted when being loaded in internal memory Memory; When performing call instruction, forward the return address that call instructs to LEA and be encrypted, when performing ret instruction, ret is instructed Return address forwards LEA to and is decrypted, and will redirect at destination address instruction and send LEA to and carry out when performing indirect jump instruction Deciphering.
CPU is provided with the location of instruction depositor IP for storing present instruction present position, for storing the instruction of present instruction The conventional modules such as depositor IR, Decode, Access Memory, Execute, Commit, for realizing in present embodiment Call instruction, indirect jump instruction, the identification of ret instruction, CPU revises instruction identification module Fetch Instruction.
Cache Cache: for CPU and the intermediate layer of internal memory Memory, the program that real-time reception internal memory Memory transmits In instruction, LEA transmit encrypted result, decrypted result.
Internal memory Memory: program is loaded in internal memory Memory, in addition to normal storage program is run, additionally it is possible to hand over LEA Mutually.
Lightweight linear encryption framework LEA: produce the key key of encrypting and decrypting, storage key key and length len thereof;Program Encrypt when being loaded into internal memory Memory and instruct, when CPU identifies indirect jump instruction at the destination address of indirect jump instruction Being decrypted instruction at its destination address, its return address is encrypted when identifying call instruction by CPU, and CPU identifies ret During instruction, its return address is deciphered.
Lightweight linear encryption framework LEA includes: silicon PUF module, encrypting and decrypting unit EDU, KEY_CFI depositor, LEN_CFI depositor;Encrypting and decrypting unit EDU is in KEY_CFI depositor, LEN_CFI depositor, silicon PUF module Lower collaborative work.
As in figure 2 it is shown, 1. instruction at the indirect jump instruction destination address after encryption is returned to internal memory by encrypting and decrypting unit EDU In Memory;2. instruction at the indirect jump instruction destination address after deciphering is returned to order register by encrypting and decrypting unit EDU In device IR;3. the return address needing deciphering is sent to encrypting and decrypting unit EDU;4. encrypting and decrypting unit EDU will decipher After return address send CPU to;5. encrypting and decrypting unit EDU sends the address of encryption to cache Cache.
Silicon PUF module;Produce key key and length len thereof of encrypting and decrypting, and be stored in KEY_CFI depositor, should The length of key key is to be determined with the length limitation redirecting encryption by call-return, and length len of key key is stored in In LEN_CFI depositor.Encrypting and decrypting unit EDU uses the key key encryption being stored in KEY_CFI depositor to conciliate Close.
Silicon PUF module is used to have a following advantage in LEA:
(1) high security.Because PUF is renewable and unclonable, assailant is difficult to obtain and forge what PUF produced Response.
(2) lightweight.In view of the length of key is less and without error correction, uses PUF to generate key and carries out linear encryption deciphering, Significantly reduce in performance and resource overhead than conventional cryptography deciphering module.
PUF is to utilize process variation (Process Variation) to produce unclonable key (response), on each chip PUF is unique.And, when program starts to perform, the PUF model on LEA is only used to generate key, Thus can ignore its impact in performance.
In present embodiment, length len of key key arranges rule for less than the length of all return addresses, indirectly redirect purpose Minimum length value in the length of instruction at address.Random value between 1 to this minimum length value, as encrypting and decrypting length Len, keeps this encrypting and decrypting length len at program run duration, then recalculates when program restarts.As shown in Figure 5 Example in, it is assumed that the instruction of the shortest length of all indirect jump instruction destination addresses is shown in Fig. 5 (a), and jmp ecx is corresponding The length value 8 of 48 8B 4F 08, then rule is set according to length, encrypting and decrypting length len should be 1 to this minimum length Value 8 between random value, this example takes 6, obtain shown in Fig. 5 (b) to jmp ecx corresponding indirectly redirect destination address Front 6*4 bit be encrypted.
Key key has a three below feature:
(1) random;
(2) chip is unique;
(3) unclonable.
(4) easily updated.
Updating plan according to set in advance, more new capital of any key is triggered by CPU.Encryption solution in present embodiment Close key key is the response that silicon PUF module produces, and one of sharpest edges of this key key (response) are need not have Linear encryption structure based on PUF in high stability, i.e. present embodiment has broken the response of PUF must stable this Restrictive condition, is uniquely not rely on typical case's application that PUF response is stable in the application of current PUF.
In present embodiment, silicon PUF module can use restructural PUF structure based on ring oscillator generation dynamically can not The response of clone.Restructural PUF structure based on ring oscillator as shown in Figure 4, is one and comprises n rank ring oscillator PUF.Ring oscillator is can be with the ball bearing made of certain frequency vibration, due to the impact of process variation He other uncertain factor, Cause the difference on the frequency between ring oscillator can not be predicted.This restructural PUF structure based on ring oscillator is by comparing Difference on the frequency between two ring oscillators produces logical zero and logic 1 exports.Each ring oscillator in Fig. 4 has n The selection end of 2 × 1 MUX and each MUX can change delay circulation.Reconfigurable ring oscillator PUF energy Produce more reliable PUF response.
In restructural PUF structure based on ring oscillator, encourage C=(C1, C2..., Ci..., Cn), wherein Ci Equal to 0 or 1, and determine that signal is to enter the i-th rank along top or bottom path.Different delay loop configuration numbers isWherein j ∈ N (integer);So that postpone circulation to form vibration, k is necessary for even number.The frequency of ring oscillator Rate rank is determined by k, and k is the biggest, and frequency is the lowest.To the same k, the frequency-splitting of two ring oscillators is by postponing joining of circulation Put decision.Determine by random process variation in order to ensure the difference of frequency between ring oscillator, the annular in dotted line frame in Fig. 4 Agitator must the same and k size also must as.Therefore, C and k can change the exciter response behavior of PUF structure from And produce different PUF responses.
Encrypting and decrypting unit EDU is used for key key and length len thereof of the encrypting and decrypting according to the generation of silicon PUF module, to call Instruction return address encryption, to ret instruction return address deciphering, indirect jump instruction is redirected instruct at destination address into Row encryption and deciphering.
Being illustrated in figure 3 an encrypting and decrypting unit EDU simplified, wherein block arrow is burst data, and thin arrow is signal. Encrypting and decrypting unit EDU is controlled it from different by tetra-signal sources of CallFlag, RetFlag, LoadFlag, JmpFlag Input collects data, and wherein CallFlag, RetFlag coordinate with Return Address, LoadFlag, JmpFlag with Instruction matches.When groups of data transmit, encrypting and decrypting unit EDU use encrypting and decrypting key key and Len_CFI carries out xor operation to it, and the result after XOR returns to correspondence position.
Encrypting and decrypting unit EDU performs linear encryption and decryption operation, and formula is as follows:
A=E XOR K
Wherein, E for treating encryption and decryption data, i.e. return address or indirectly instruct at jump target addresses, K represents encrypting and decrypting Key key, is stored in KEY_CFI depositor.EDU judges the length of encryption according to LEN_CFI value.By E XOR K carries out linear encryption and deciphering to data.
Following four-stage needs to use this XOR encrypting and decrypting to operate:
(1) before CPU execution one call instruction, return address store stack, the return address of call instruction is transferred to add Being encrypted in close decryption unit EDU, the address of encryption will be pressed in stack.
(2) when CPU performs a ret instruction, encrypting and decrypting unit EDU takes out encryption address from stack and is decrypted, Then address passing to location of instruction depositor IP to realize correct return, program returns to the address of deciphering and continues executing with.
(3) when program is loaded in internal memory Memory, corresponding for indirect jump instruction redirecting is referred at destination address by CPU Order sends encrypting and decrypting unit EDU to and is encrypted.
(4) when CPU perform an indirect jump instruction time, encrypting and decrypting unit EDU will redirect at destination address instruct in The instruction of encryption is decrypted.
Fig. 1 (a)~(d) illustrate the example that call-ret instruction uses the present invention.For normal CPU architecture, After one call instruction execution terminates, CPU is by return address 004095FCH press-in stack.When using the present invention, encryption solves Close unit EDU uses key key to be encrypted by 004095FCH, then in the address 0E5423FEh press-in stack after encryption.
The process utilizing the system of the present invention that call-ret instruction is performed encryption and decryption is as follows:
(1) when cache Cache call instructed bar give CPU time, CPU identifies call instruction, is instructed by call Destination address send encrypting and decrypting unit EDU to;
(2) encrypting and decrypting unit EDU according in KEY_CFI depositor by silicon PUF module produce key key and These call instruction is encrypted by encrypting and decrypting length len in LEN_CFI depositor, and is sent in stack by encryption address;
(3) CPU redirects according to former destination address and continues executing with;
(4) when cache Cache ret instructed bar give CPU time, CPU identifies ret instruction, is instructed by ret Destination address sends encrypting and decrypting unit EDU to;
(5) encrypting and decrypting unit EDU according in KEY_CFI depositor by silicon PUF module produce key key and Ret instruction is decrypted by encrypting and decrypting length len in LEN_CFI depositor, and is sent in CPU deciphering address;
(6) CPU redirects according to address after deciphering and continues executing with.
When program is loaded into internal memory Memory by the target jump address corresponding to indirect jump instruction instruction a length of The byte of len is encrypted.When performing an indirect jump instruction, by the key key from KEY_CFI depositor to mesh Address at the instruction of a length of len be decrypted.Encrypting and decrypting unit EDU is deposited into instruction the result after deciphering afterwards In depositor IR.
Fig. 5 is the example of indirect jump instruction, it is assumed that encrypting and decrypting length len in LEN_CFI depositor is 6, jumps to The target instruction target word of the address in ecx depositor is 004095f6h.When program is loaded into internal memory Memory, CPU is by purpose First three byte of instruction i.e. (2*3*4 bit) encryption at address.
When code is loaded in internal memory Memory, by all possible destination address of all indirect jump instruction in code Place's instruction passes to encrypting and decrypting unit EDU;Encrypting and decrypting unit EDU according to the key key in KEY_CFI depositor with And these instructions are encrypted by encrypting and decrypting length len in LEN_CFI depositor;When cache Cache will be jumped indirectly Turning instruction when giving CPU, CPU identifies this instruction, when at destination address, instruction is loaded into CPU, by command register Content in IR sends encrypting and decrypting unit EDU to;Encrypting and decrypting unit EDU is according to the key in KEY_CFI depositor These instructions are decrypted by encrypting and decrypting length len in key and LEN_CFI depositor, and are returned to by decrypted result Command register IR;CPU continues executing with according to command register IR built-in command.
A kind of code reuse attack defense method, as shown in Figure 6, including:
A), when program is opened, CPU calls silicon PUF module and produces the key key of encrypting and decrypting and be respectively stored in KEY_CFI In depositor, rule is set according to length and produces length len and be stored in Len_CFI depositor;
B) during program is loaded into internal memory Memory, CPU search all indirect jump instructions redirect destination address;
C) CPU sends the instruction at destination address that redirects found to encrypting and decrypting unit EDU;
D) these instructions are encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and encrypted result returns To CPU;
E) these encrypted result are returned to internal memory Memory by CPU;
F) in program process, internal memory Memory sends the instruction in program to cache Cache in real time, and CPU takes Go out the instruction in cache Cache, when the instruction taken out is call instruction, jump to g), when the instruction taken out is ret During instruction, jump to i), when the instruction taken out is indirect jump instruction, jump to m), when program finishes execution then exits;
G) destination address that call instructs is sent to encrypting and decrypting unit EDU;
H) destination address that call instruction is corresponding is encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, And the destination address after encryption is sent in stack;
I) the former destination address that CPU instructs according to call redirects the program of continuing executing with, and jumps to step f);
I) destination address that ret instructs is sent to encrypting and decrypting unit EDU;
K) ret instruction is decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by the mesh after deciphering Address be sent in CPU;
L) CPU redirects according to the destination address after deciphering, jumps to step f);
M) when going at destination address instruction and being loaded into CPU, the content in the IR depositor of CPU is sent to encryption Decryption unit EDU;
N) these instructions are decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and by decrypted result Return to the IR depositor of CPU;
O) CPU continues executing with according to the instruction after the internal deciphering of IR depositor, jumps to f).

Claims (4)

1. a code reuse attack defending system, including cache Cache, internal memory Memory, it is characterised in that also include:
CPU: carry out call instruction, indirect jump instruction, the identification of ret instruction, storage instruction and present position thereof;Redirect instruction at destination address and send lightweight linear encryption framework LEA by corresponding for indirect jump instruction to and be encrypted when program is loaded in internal memory Memory;When performing call instruction, forward the return address that call instructs to lightweight linear encryption framework LEA be encrypted, when performing ret instruction, the return address that ret instructs is forwarded to lightweight linear encryption framework LEA is decrypted, will redirect when performing indirect jump instruction to instruct at destination address and send lightweight linear encryption framework LEA to and be decrypted;
Lightweight linear encryption deciphering framework LEA: produce the key key of encrypting and decrypting, storage key key and length len thereof;Program is encrypted when being loaded into internal memory Memory and is instructed at the destination address of indirect jump instruction, when CPU identifies indirect jump instruction, instruction at its destination address is decrypted, its return address is encrypted when identifying call instruction by CPU, and its return address is deciphered when identifying ret instruction by CPU.
Code reuse attack defending system the most according to claim 1, it is characterised in that described lightweight linear encryption framework LEA includes: silicon PUF module, encrypting and decrypting unit EDU, KEY_CFI depositor, LEN_CFI depositor;
Silicon PUF module: producing key key and length len thereof of encrypting and decrypting, the key key of encrypting and decrypting is stored in KEY_CFI depositor, and length len of key key is stored in LEN_CFI depositor;
Encrypting and decrypting unit EDU for the key key of encrypting and decrypting produced according to silicon PUF module and length len thereof, the return address encryption to call instruction, the return address deciphering to ret instruction, redirects instruction at destination address and encrypts and decrypts indirect jump instruction.
Code reuse attack defending system the most according to claim 1 and 2, it is characterized in that, length len of the key key of described encrypting and decrypting arrange rule for from 1 to less than the length of all return addresses, the random number of minimum length value that indirectly redirects at destination address in the length of instruction.
4. the method that the code reuse attack defending system that a kind utilizes described in claim 2 carries out code reuse attack defending, it is characterised in that including:
A) when program is opened, CPU calls silicon PUF module and produces the key key of encrypting and decrypting and be respectively stored in KEY_CFI depositor, arranges rule according to length and produces length len and be stored in Len_CFI depositor;
B) during program is loaded into internal memory Memory, CPU search all indirect jump instructions redirect destination address;
C) CPU sends the instruction at destination address that redirects found to encrypting and decrypting unit EDU;
D) these instructions are encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and encrypted result returns to CPU;
E) these encrypted result are returned to internal memory Memory by CPU;
F) in program process, internal memory Memory sends the instruction in program to cache Cache in real time, CPU takes out the instruction in cache Cache, when the instruction taken out is call instruction, jump to g), when the instruction taken out is ret instruction, jump to j), when the instruction taken out is indirect jump instruction, jump to m), when program finishes execution then exits;
G) destination address that call instructs is sent to encrypting and decrypting unit EDU;
H) destination address that call instruction is corresponding is encrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and is sent in stack by the destination address after encryption;
I) the former destination address that CPU instructs according to call redirects the program of continuing executing with, and jumps to step f);
J) destination address that ret instructs is sent to encrypting and decrypting unit EDU;
K) ret instruction is decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and is sent in CPU by the destination address after deciphering;
L) CPU redirects according to the destination address after deciphering, jumps to step f);
M) when going at destination address instruction and being loaded into CPU to, the content in the IR depositor of CPU is sent encrypting and decrypting unit EDU;
N) these instructions are decrypted by encrypting and decrypting unit EDU according to key key and length len thereof, and decrypted result returns to the IR depositor of CPU;
O) CPU continues executing with according to the instruction after the internal deciphering of IR depositor, jumps to f).
CN201610388347.7A 2016-06-02 2016-06-02 A kind of code reuse attack defending system and method Expired - Fee Related CN106022166B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610388347.7A CN106022166B (en) 2016-06-02 2016-06-02 A kind of code reuse attack defending system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610388347.7A CN106022166B (en) 2016-06-02 2016-06-02 A kind of code reuse attack defending system and method

Publications (2)

Publication Number Publication Date
CN106022166A true CN106022166A (en) 2016-10-12
CN106022166B CN106022166B (en) 2018-10-23

Family

ID=57090345

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610388347.7A Expired - Fee Related CN106022166B (en) 2016-06-02 2016-06-02 A kind of code reuse attack defending system and method

Country Status (1)

Country Link
CN (1) CN106022166B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107506644A (en) * 2017-08-16 2017-12-22 南京大学 The method for security protection that implicit constant threatens in dynamic generation code
CN108090346A (en) * 2017-12-04 2018-05-29 华中科技大学 A kind of code reuse attack defense method and system based on data stream monitoring
CN109495488A (en) * 2018-11-27 2019-03-19 杭州安恒信息技术股份有限公司 A kind of safety defense method and system based on Cookie encryption
WO2021000847A1 (en) * 2019-07-01 2021-01-07 华为技术有限公司 Processor and return address processing method
CN112332973A (en) * 2020-10-23 2021-02-05 南京理工大学 Fine-grained Internet of things equipment control flow protection method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102393890A (en) * 2011-10-09 2012-03-28 广州大学 Crypto chip system for resisting physical invasion and side-channel attack and implementation method thereof
CN102662830A (en) * 2012-03-20 2012-09-12 湖南大学 Code reuse attack detection system based on dynamic binary translation framework
US20130044874A1 (en) * 2011-08-17 2013-02-21 Bruce Murray Cryptographic circuit and method therefor
CN103229451A (en) * 2010-11-30 2013-07-31 英特尔公司 Method and apparatus for key provisioning of hardware devices
CN104200180A (en) * 2014-07-17 2014-12-10 南京航空航天大学 Physical unclonable function based on reconfigurable ring oscillators and generation method of physical unclonable function based on reconfigurable ring oscillators

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103229451A (en) * 2010-11-30 2013-07-31 英特尔公司 Method and apparatus for key provisioning of hardware devices
US20130044874A1 (en) * 2011-08-17 2013-02-21 Bruce Murray Cryptographic circuit and method therefor
CN102393890A (en) * 2011-10-09 2012-03-28 广州大学 Crypto chip system for resisting physical invasion and side-channel attack and implementation method thereof
CN102662830A (en) * 2012-03-20 2012-09-12 湖南大学 Code reuse attack detection system based on dynamic binary translation framework
CN104200180A (en) * 2014-07-17 2014-12-10 南京航空航天大学 Physical unclonable function based on reconfigurable ring oscillators and generation method of physical unclonable function based on reconfigurable ring oscillators

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
余智豪 等: "《物联网安全技术》", 30 April 2016 *
陈林博 等: ""利用返回地址保护机制防御代码复用类攻击"", 《计算机科学》 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107506644A (en) * 2017-08-16 2017-12-22 南京大学 The method for security protection that implicit constant threatens in dynamic generation code
CN108090346A (en) * 2017-12-04 2018-05-29 华中科技大学 A kind of code reuse attack defense method and system based on data stream monitoring
CN108090346B (en) * 2017-12-04 2020-06-02 华中科技大学 Code multiplexing attack defense method and system based on data flow monitoring
CN109495488A (en) * 2018-11-27 2019-03-19 杭州安恒信息技术股份有限公司 A kind of safety defense method and system based on Cookie encryption
WO2021000847A1 (en) * 2019-07-01 2021-01-07 华为技术有限公司 Processor and return address processing method
CN112332973A (en) * 2020-10-23 2021-02-05 南京理工大学 Fine-grained Internet of things equipment control flow protection method
CN112332973B (en) * 2020-10-23 2022-06-24 南京理工大学 Fine-grained Internet of things equipment control flow protection method

Also Published As

Publication number Publication date
CN106022166B (en) 2018-10-23

Similar Documents

Publication Publication Date Title
CN106022166A (en) Code reuse attack defense system and method
Zhang et al. HCIC: Hardware-assisted control-flow integrity checking
CN102138300B (en) Message authentication code pre-computation with applications to secure memory
Henecka et al. Faster secure two-party computation with less memory
Zhuang et al. A new ultralightweight RFID protocol for low-cost tags: R 2 AP
US8699703B2 (en) System and method for pseudo-random polymorphic tree construction
Goldstein et al. Preventing DNN model IP theft via hardware obfuscation
Tople et al. {PRO-ORAM}: Practical {Read-Only} Oblivious {RAM}
Sepúlveda et al. Efficient and flexible NoC-based group communication for secure MPSoCs
Dai et al. Trustzone-based secure lightweight wallet for hyperledger fabric
Li et al. A control flow integrity checking technique based on hardware support
Wu et al. Exploring dynamic task loading in SGX-based distributed computing
Johnson et al. An FPGA architecture for the recovery of WPA/WPA2 keys
Yang et al. MEG: memory and energy efficient garbled circuit evaluation on smartphones
Xu et al. Privacy preserving large scale DNA read-mapping in MapReduce framework using FPGAs
US20200210626A1 (en) Secure branch predictor with context-specific learned instruction target address encryption
Anand et al. An ultra-high throughput AES-based authenticated encryption scheme for 6G: Design and implementation
EP2674892B1 (en) A method, a device and a computer program support for execution of encrypted computer code
Moataz et al. Chf-oram: a constant communication oram without homomorphic encryption
Simplicio Jr et al. The Lyra2 reference guide
Lipton et al. Provably secure virus detection: Using the observer effect against malware
Faz-Hernández et al. SoK: A performance evaluation of cryptographic instruction sets on modern architectures
Wolf et al. Securing network processors with high-performance hardware monitors
Irza et al. A third generation many-core processor for secure embedded computing systems
Hussain et al. A low performance-overhead ORAM design for processor system with un-trusted off-chip memory

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20181023