CN107194246A - A kind of CPU for being used to realize dynamic instruction sets randomization - Google Patents

A kind of CPU for being used to realize dynamic instruction sets randomization Download PDF

Info

Publication number
CN107194246A
CN107194246A CN201710359363.8A CN201710359363A CN107194246A CN 107194246 A CN107194246 A CN 107194246A CN 201710359363 A CN201710359363 A CN 201710359363A CN 107194246 A CN107194246 A CN 107194246A
Authority
CN
China
Prior art keywords
randomization
instruction
random number
code
cpu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710359363.8A
Other languages
Chinese (zh)
Other versions
CN107194246B (en
Inventor
舒辉
杜三
彭小详
康绯
熊小兵
祝跃飞
张泉
林昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PLA Information Engineering University
Original Assignee
PLA Information Engineering University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by PLA Information Engineering University filed Critical PLA Information Engineering University
Priority to CN201710359363.8A priority Critical patent/CN107194246B/en
Publication of CN107194246A publication Critical patent/CN107194246A/en
Application granted granted Critical
Publication of CN107194246B publication Critical patent/CN107194246B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow

Abstract

The present invention relates to a kind of CPU for being used to realize dynamic instruction sets randomization, belong to embedded system security technical field.The CPU of the present invention produces random number using random number generation circuit, and the random number of generation is sent into register, randomization is carried out to instruction using randomized algorithm and random number, and increase instruction translation circuit between fetching stage and decoding stage, the circuit includes a selector, the selector is in response to a selection signal, to determine first via signal or second road signal feeding decoder, first via signal is the instruction in the instruction fetch phase in instruction pipeline, the instruction that second road signal obtains for the random number of storage of the first via signal in register and the algorithm of anti-randomized.The present invention can realize randomization, the mobilism of kernel under the support of CPU hardware randomization, have good protection effect for the attack of code injection class, realize instruction set randomization compared to using virtual machine or binary system, reduce running wastage.

Description

A kind of CPU for being used to realize dynamic instruction sets randomization
Technical field
The present invention relates to a kind of CPU for being used to realize dynamic instruction sets randomization, belong to embedded system security technology neck Domain.
Background technology
Internet of Things (IOT) is the important component of generation information technology, immanent things is covered same Individual network, thing followed safety problem is extensively paid close attention to by people always.Hacker can be had a strong impact on using the attack of equipment leak Individual privacy safety, personal safety of payment and personal safety.Embedded system ensures embedded system as IOT support technology The security of system is to ensure the important channel of IOT safety.The Internet of things era, nearly all embedded system all connects with internet Enter ability, architecture forms invasion channel of the non-safety factor to embedded system in internet from opening is closed to.Generation Code injection type attack is the attack meanses that hacker commonly uses, and is performed using buffer overflow leak injection attacks code, so as to obtain System Privileges, steal information destroys the normal operation of system.Because leak can not possibly be eliminated, it can only be entered by various measures Row is alleviated, and the protection of existing leak and mitigation technique can not eradicate the threat of leak.Hacking technique is continued to develop simultaneously, code Replay attack progressively turns into the Main Means for bypassing current mean of defense with RAM leakage, causes huge potential safety hazard, causes The attention of research circle.Address space randomization (ASLR) and DEP (DEP) are current with most wide defence machine System, due to the limitation of quality, power, cost, performance and internal memory, ASLR and DEP is difficult to widely use in embedded systems.Attack The person of hitting can use heap to spray (Heap Spray) technology and bypass ASLR mechanism, and code reuse attack (such as ROP) can be utilized Existing executable code, rebuilds malicious exploitation, so as to bypass DEP defence.For DEP+ASLR combination defence, JIT- Spray and JIT-ROP provides the method for bypassing this combination defence, while being vulnerable to the threat of RAM leakage attack.
In application layer kernel protection, monitoring programme exists in the form of application program, realize to third party software every From perform with monitoring, be mainly used in defence due to vulnerability of application program trigger attack, but it can not protect inner nuclear layer and with Under level;In operating system layer kernel protection, monitoring programme have with kernel identical address space and operating right, with Driving or the modular manner that can be loaded are realized, can protect the kernel leak attack of majority, but because of monitoring programme operation In inner nuclear layer, attacker can be bypassed it using the leak of monitoring programme and estimate kernel;In hardware layer and operating system layer Between hypervisor, realize to bottom hardware operation and kernel behavior intercepted and captured and verified that performance loss is larger, Need to make a large amount of modifications to kernel bottom code, workload is big.
The support of kernel protection is realized in hardware layer, and target is mainly the support of trusted computing base, it is necessary to special hardware Support, poor universality.Need simultaneously since root of trust, to hardware platform, then to BIOS, to BOOTLoader, then to operation System, finally to application program, is measured step by step, available for the clean boot and the protection of file system for realizing kernel.But The management of credible platform, the foundation of the measurement of trust chain and credible chain needs to change a large amount of generations with being delivered in core design Code, workload is huge.
Instruction randomization (ISR) technology is the weight of MID (Moving Targets Defense, mobile target defense technique) Part is wanted, dynamic, random instruction set is provided for the program of operation, and attacker can not learn currently used instruction Collection, so that corresponding vulnerability exploit program can not be constructed, has good protection effect to code injection attack.With ALSR and DEP Compare, ISR can not only resist code injection attack, moreover it is possible to prevent the execution of unauthorized code, memory overflow attack can be alleviated, by It is plus overstocked that attacker still needs to crack encryption mechanism and key after memory overflow, adds code in the code in internal memory Replay attack difficulty, with degeneration-resistant to ability.
Gaurav et al. proposes instruction set randomization thought at first, as the universal method of confrontation code injection attack, Devise a kind of hardware based low-loss ISR to realize, and simulated with Bochs x86 emulators.Emulator, which is realized, can bring phase When big performance loss, key is stored in the newly-increased section of feasible execution file, is easily distorted by unauthorized access and malice, it is impossible to Dynamically randomization process and module, while it is assumed that in the order of obj documents and data separating, but actual executable There may be data in file in code segment, limit the application of this model in practice.
Although instruction randomization has good protection effect for code injection attack, internal storage code leakage is faced Risk, thus reduces the encryption mechanism analysis to code and key guesses the difficulty of solution, while instruction set randomized technique can delay Code reuse attack is solved, but code reuse attack can not be resisted.The security mechanism of the delineations of power such as traditional DEP is only will The write operation of memory pages is separated with performing operation, and code segment or data segment are all that acquiescence is readable, and this just leads Attacker has been caused to be read out, scan to memory pages by program errors such as hanging pointers.In code segment or data segment The distributed layout for the program randomization arrived, can bypass the randomization security mechanism such as ALSR and be attacked.Memory overflow substantially divides For two ways:One is direct leakage, that is, reads code segment, find the destination address for directly redirecting and directly invoking, collect this Analyzed a little addresses, it is possible to draw the distributing position of the code page;Two be indirect leakage, that is, reads the function in data segment Pointer (such as virtual table), return address can reach identical purpose.
Instruction set randomized technique based on software adds the software for interpretive order, and performance loss is big, while its Security depends on translation software, and attacker can bypass instruction set randomization protection using the leak of translation software.
The content of the invention
It is an object of the invention to provide a kind of CPU for being used to realize dynamic instruction sets randomization, to solve current cpu instruction Collection randomization is performed using virtual machine translation or binary translation execution causes the problem of performance loss is big.
The present invention provides a kind of CPU for being used to realize dynamic instruction sets randomization to solve above-mentioned technical problem, described CPU include instruction translation circuit and random number generation circuit, the random number generation circuit is used to produce random number, and will production Raw random number feeding register;Described instruction translation circuit includes a selector, and the selector is in response to a selection Signal, to determine that, by first via signal or second road signal feeding decoder, first via signal takes to be in instruction pipeline The instruction of instruction phase, second road signal for storage of the first via signal in the register random number and it is anti-with The instruction that the algorithm of machine is obtained.
Further, described random number generation circuit includes hardware oscillator and finite state machine, the hardware vibration Device is used to produce random number bit stream, and finite state machine is used to stream the random number bit of generation into register.
Further, described hardware oscillator includes at least two phase inverters.
Further, described CPU also includes code access control module and code region mapping block, the code area Internal storage code Regional Distribution information when domain mapping module is used to start memory access stage kernel is sent to code access control mould Block, described code access control module is used to whether judge reference address in the memory access stage in code region, if in code area Domain, then control instruction forbid accessing code region, described code region layout information determines by compiler.
Further, CPU is when carrying out kernel startup, the random number randomized algorithm that is stored according to register and by kernel In execution code randomization after move internal memory.
Further, when kernel Bootstrap Commissioning Program jumps to kernel and performed, the selection signal, control selections are enabled Device selection second road signal feeding decoder.
Further, during kernel loads executable file, judge executable file whether randomization, if so, then after It is continuous to perform;Otherwise, the random number and random algorithm in register are to executable file randomization.
The beneficial effects of the invention are as follows:The CPU of the present invention produces random number using random number generation circuit, and by generation Random number sends into register, carries out randomization to instruction using the random number in randomized algorithm and register, and taking Increase instruction translation circuit between finger stage and decoding stage, instruction translation circuit includes a selector, selector response In a selection signal, to determine that, by first via signal or second road signal feeding decoder, first via signal is managed for instruction It is in the instruction in instruction fetch phase in line, second road signal is the random number of storage of the first via signal in register and anti- The instruction that the algorithm of randomization is obtained.The present invention can realize the randomization of kernel, move under the support of CPU hardware randomization State, has good protection effect for the attack of code injection class, instruction set is realized compared to using virtual machine or binary system Randomization, reduces running wastage.
The present invention is believed also on the basis of instruction randomization in compilation process by code region in record code section Breath, controls the read operation to code region to realize the separation of read and write authority, is not required to change program's source code, realizes code segment middle finger Order and data separating;The fetching operational access control to code region is realized in the CPU memory access stages, defends direct internal storage code to let out Dew and the leakage of indirect internal storage code, prevent code reuse from attacking.
Brief description of the drawings
Fig. 1 is existing CPU model schematics;
Fig. 2 is the cpu system model schematic of the present invention;
Fig. 3 is real random number generator principle schematic;
Fig. 4 is the operation principle schematic diagram for instructing translation module;
Fig. 5 is core instructions collection randomization supported design schematic diagram;
Fig. 6 is diversified compiler block schematic illustration.
Embodiment
The embodiment to the present invention is described further below in conjunction with the accompanying drawings.
Current cpu system in processor as shown in figure 1, including processor and memory, include register, processing electricity Road, data lines and decoder, instruction pipeline read instruction from memory, and the instruction read is transferred into command decoder Enter row decoding, the programmed instruction that command decoder response is decoded by command decoder produces control signal, by produced control The access of signal control processing circuit processed and register.
The targeted present invention is the CPU based on RISC Architecture, and the present embodiment is illustrated by taking OpenRISC projects as an example, this The instruction randomization CPU of invention is also applied for the CPU of other RISC instruction frameworks.What OpenRISC projects offer one was increased income RISC processing frameworks, using not structure is breathed out, with five-stage pipeline, support instruction extension.The implementation procedure of every instruction is divided Into instruction fetch phase, Instruction decoding stage, execution phase, access memory stage and data write back stage, wherein fetching The stage is made to be used to obtain PC values, and the searching instruction in command memory;The Instruction decoding stage refers to seeking the instruction fetch phase Row decoding is entered in the instruction found, and determines the value of each control signal;Execution phase is used for data and instruction according to input Code carries out computing, and result is exported;Accessing the memory stage is used to carry out data memory operations, only Load or Store Type just has content;Data write back stage is used to write back result of calculation.Only after the completion of each execution phase, one Bar instruction is just finished, in each execution phase, after an instruction completes to perform in this stage, under One instruction will immediately enter the execution stage to perform operation.
Threat that is big and bypassing ISR mechanism can be lost due to being currently based on the instruction set randomization existence of software realization, The present invention is on the basis of OpenRISC, to realize that dynamic cpu instruction collection randomization is used to realize dynamic instruction there is provided one kind Collect the CPU of randomization, increase instruction translation circuit and random number generation circuit between instruction fetch phase and decoding stage, wherein Random number generation circuit is used to produce random number, and the random number of generation is sent into register;Instruction translation circuit includes one Selector, the selector is in response to a selection signal, to determine first via signal or second road signal feeding decoder, First via signal is the instruction in the instruction fetch phase in instruction pipeline, and second road signal is first via signal according in register The random number of storage and the obtained instruction of the algorithm of anti-randomized.
Specifically, CPU of the invention use four layer architectures, as shown in Fig. 2 from high to low include application layer, inner nuclear layer, Equipment firmware layer and hardware layer, instruction translation circuit and random number generation circuit are arranged at hardware layer.Wherein random number is produced Circuit includes hardware oscillator and finite state machine, and hardware oscillator is used to produce random number bit stream, and finite state machine is used for The random number bit of generation is streamed into register.The present embodiment is random using being realized on the atlys development boards of xilinx companies Number generation circuit, principle are as shown in figure 3, including 5 groups of oscillators, every group of oscillator is using 3 phase inverters, with CPU system frequency Rate carries out sampling output with d type flip flop as sample frequency, and sampled result is passed through after XOR, generates random number, using finite The random number of generation is stored in register by automatic machine.
Instruction translation circuit is used to translate randomization instruction, and derandomized, the circuit is arranged on the instruction fetch phase Between the decoding stage, input instruction is carried out instead by random number generation circuit generation random number using what internal register was stored Randomization, with input instruction together as feeding decoder alternate item, with selection signal control feeding be input instruction also It is the instruction after anti-randomized.Its realization principle is as shown in figure 4, including selector, the selector is by selection signal control, selection The input of device includes two paths of signals, and first via signal is the instruction in instruction fetch phase, and second road signal is first via signal root The instruction obtained according to the random number of the storage in internal register reg1 and the algorithm of anti-randomized.Selection signal is by boot kernel Startup program is jumped to when kernel is performed and enabled, control selections device selection second road signal feeding decoder.
The CPU also includes being used for three instructions for providing instruction set randomization interface, is cust8rD respectively:Generation is random Number, deposit internal register reg1;cust7rD:CPU switching performs state, enables instruction translation module;cust6rD:By inside The random number deposited in register is taken out, and is put into rD, and the randomization for performing code for software provides support.
CPU embedded Linux kernel is booted up using BOOT Loader on startup, and uboot draws as conventional Helical pitch sequence, as shown in figure 5, analysis is booted up Kernel-Process, kidnaps kernel decompression, and executable code is moved to internal memory, profit The content for performing code interval is subjected to randomization with the random number stored in internal register, in uboot is jumped to CPU execution state is switched into translation state when core is performed, instruction translation circuit is enabled.
Change in kernel source code on memory table and relocation process partial code, in kernel BootLoader file system During, by execution code (instruction) randomization of the executable file in file system, realize kernel native instructions randomization Support.Analysis kernel loads the process of executable file, before elf files are loaded into kernel module, first determines whether code Whether region is used for instruction set randomization, if randomization, is continued executing with;Otherwise, obtain in internal register The random number of storage, using code region section to executable file randomization, then reloads execution.
It can be seen that of the invention under the support of cpu instruction collection randomization, the random number stored using internal register is incited somebody to action Code randomization is performed, is parsed and performed using instruction translation circuit, while the random number generated when kernel starts every time is inconsistent, The dynamic of instruction set randomization can be realized.By changing the code of kernel loads process and module, process and mould can be achieved Block instruction collection randomization.
The method that the present invention also merges anti-internal storage code leakage on the basis of instruction set randomization, can not only defend code Injection attacks, while can also prevent internal storage code leakage and code reuse attack.Code reuse attack needs to learn in internal memory Code position, it is possible to prevent code reuse from attacking by the method for anti-RAM leakage, traditional writes execution authority separation In method, code segment has execution and read right simultaneously, and attacker can directly or indirectly obtain interior using RAM leakage leak Code information in depositing, this method can not prevent internal storage code from revealing.Read to separate that (code segment is only with execution authority by realizing Perform and no longer readable) method have a good application prospect, and how its main problems faced is by the number in code segment According to stripping, realize that code segment is strictly distinguished with data segment.The present invention passes through code in record code section from another angle Area information, then control the read operation to code region to realize the separation of read and write authority.
Specifically, the present invention adds code region mapping block and code access control module in CPU hardware layer, As shown in Fig. 2 code region mapping block is used to the code region layout information of internal memory passing to code access control module, Whether code access control module judges reference address in the memory access stage in code region, if fetcher code region, is triggered It is abnormal, prevent instruction for the access of code region, control routine section defends internal storage code leakage attack to only carry out authority. Wherein code region layout information is determined by compiler, is to be laid out the code region of internal memory when kernel starts in bootstrap Information is written to specific region of memory.
Compiler in the present embodiment is using diversified compiler LLVM, and diversified compiler LLVM is provided to intermediate language IR optimization method, can do varigrained optimization processing to instruction, basic block, function, module, can also be in compiling chain The stage of connecing optimizes processing.During diversified compiler LLVM general frames are as shown in fig. 6, the C/C++ source codes of front end are converted into Between file IR, intermediate file IR generation obj files process, instruction translation be machine code during record its obj text The position of part, obtains the code region information of obj files, when obj files are linked as into executable file, merges code region letter Breath, increases code region section newly, records the code region information of executable file.Here executable file can be added by kernel Carry the executable file in file system or the execution code of kernel start-up course.

Claims (7)

1. a kind of CPU for being used to realize dynamic instruction sets randomization, it is characterised in that described CPU includes instruction translation circuit And random number generation circuit, the random number generation circuit is used to produce random number, and the random number of generation is sent into register; Described instruction translation circuit includes a selector, and the selector is in response to a selection signal, to determine to believe the first via Number or second road signal feeding decoder, first via signal be instruction pipeline in be in the instruction fetch phase instruction, the second tunnel The instruction that signal obtains for the random number of storage of the first via signal in the register and the algorithm of anti-randomized.
2. the CPU according to claim 1 for being used to realize dynamic instruction sets randomization, it is characterised in that described is random Number generation circuit includes hardware oscillator and finite state machine, and the hardware oscillator is used to produce random number bit stream, limited State machine is used to stream the random number bit of generation into register.
3. the CPU according to claim 2 for being used to realize dynamic instruction sets randomization, it is characterised in that described hardware Oscillator includes at least two phase inverters.
4. the CPU according to claim 1 for being used to realize dynamic instruction sets randomization, it is characterised in that described CPU is also Including code access control module and code region mapping block, the code region mapping block is used for memory access stage kernel Internal storage code Regional Distribution information during startup is sent to code access control module, and described code access control module is used for Reference address is judged in the memory access stage whether in code region, if in code region, control instruction forbids visiting code region Ask, described code region layout information is determined by compiler.
5. the CPU according to claim 4 for being used to realize dynamic instruction sets randomization, it is characterised in that CPU is in carrying out When core starts, the random number randomized algorithm that is stored according to register and interior by being moved after the execution code randomization in kernel Deposit.
6. the CPU according to claim 5 for being used to realize dynamic instruction sets randomization, it is characterised in that in boot kernel When startup program jumps to kernel execution, the selection signal, control selections device selection second road signal feeding decoder are enabled.
7. the CPU according to claim 5 for being used to realize dynamic instruction sets randomization, it is characterised in that kernel loads can When performing file, executable file whether randomization is judged, if so, then continuing executing with;Otherwise, in register with Machine number and random algorithm are to executable file randomization.
CN201710359363.8A 2017-05-19 2017-05-19 CPU for realizing dynamic instruction set randomization Active CN107194246B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710359363.8A CN107194246B (en) 2017-05-19 2017-05-19 CPU for realizing dynamic instruction set randomization

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710359363.8A CN107194246B (en) 2017-05-19 2017-05-19 CPU for realizing dynamic instruction set randomization

Publications (2)

Publication Number Publication Date
CN107194246A true CN107194246A (en) 2017-09-22
CN107194246B CN107194246B (en) 2020-10-02

Family

ID=59874400

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710359363.8A Active CN107194246B (en) 2017-05-19 2017-05-19 CPU for realizing dynamic instruction set randomization

Country Status (1)

Country Link
CN (1) CN107194246B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111797388A (en) * 2020-06-12 2020-10-20 武汉大学 JavaScript engine memory information leakage defense method and system based on runtime randomization
CN112199681A (en) * 2020-10-22 2021-01-08 中国人民解放军国防科技大学 Code injection type attack protection method and device based on multi-coding mode CPU
CN112446064A (en) * 2020-12-14 2021-03-05 中国人民解放军海军工程大学 Control flow hiding based lightweight cipher chip bus protection system and method
CN112486570A (en) * 2020-11-06 2021-03-12 麒麟软件有限公司 Glibc compatible method for different types of CPUs
CN112905242A (en) * 2021-03-23 2021-06-04 浙江大华技术股份有限公司 Branch path jumping method, device, storage medium and electronic device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8549367B1 (en) * 2010-12-29 2013-10-01 Cadence Design Systems, Inc. Method and system for accelerating memory randomization
CN104020981A (en) * 2014-06-19 2014-09-03 大唐微电子技术有限公司 CPU and instruction processing method of CPU
CN105046117A (en) * 2015-06-30 2015-11-11 西北大学 Code virtualization software protection system realizing instruction set randomization

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8549367B1 (en) * 2010-12-29 2013-10-01 Cadence Design Systems, Inc. Method and system for accelerating memory randomization
CN104020981A (en) * 2014-06-19 2014-09-03 大唐微电子技术有限公司 CPU and instruction processing method of CPU
CN105046117A (en) * 2015-06-30 2015-11-11 西北大学 Code virtualization software protection system realizing instruction set randomization

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ANTONIS PAPADOGIANNAKIS: "ASIST-architectural support for instruction set randomization", 《CCS "13 PROCEEDINGS OF THE 2013 ACM SIGSAC CONFERENCE ON COMPUTER & COMMUNICATIONS SECURITY》 *
王烨等: "基于代码防泄漏的代码复用攻击防御技术", 《计算机研究与发展 》 *
霍文捷等: "一种基于FPGA的真随机数生成器的设计", 《华中科技大学学报(自然科学版)》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111797388A (en) * 2020-06-12 2020-10-20 武汉大学 JavaScript engine memory information leakage defense method and system based on runtime randomization
CN112199681A (en) * 2020-10-22 2021-01-08 中国人民解放军国防科技大学 Code injection type attack protection method and device based on multi-coding mode CPU
CN112199681B (en) * 2020-10-22 2024-03-26 中国人民解放军国防科技大学 Code injection type attack protection method and device based on multi-coding mode CPU
CN112486570A (en) * 2020-11-06 2021-03-12 麒麟软件有限公司 Glibc compatible method for different types of CPUs
CN112486570B (en) * 2020-11-06 2023-06-02 麒麟软件有限公司 Glibc compatible method for CPUs of different types
CN112446064A (en) * 2020-12-14 2021-03-05 中国人民解放军海军工程大学 Control flow hiding based lightweight cipher chip bus protection system and method
CN112905242A (en) * 2021-03-23 2021-06-04 浙江大华技术股份有限公司 Branch path jumping method, device, storage medium and electronic device
US11914978B2 (en) 2021-03-23 2024-02-27 Zhejiang Dahua Technology Co., Ltd. Systems and methods for code optimization

Also Published As

Publication number Publication date
CN107194246B (en) 2020-10-02

Similar Documents

Publication Publication Date Title
Canella et al. A systematic evaluation of transient execution attacks and defenses
Lipp et al. Meltdown: Reading kernel memory from user space
Dessouky et al. Litehax: lightweight hardware-assisted attestation of program execution
Guanciale et al. Cache storage channels: Alias-driven attacks and verified countermeasures
Gionta et al. HideM: Protecting the contents of userspace memory in the face of disclosure vulnerabilities
Lee et al. Enlisting hardware architecture to thwart malicious code injection
CN107194246A (en) A kind of CPU for being used to realize dynamic instruction sets randomization
Portokalidis et al. Fast and practical instruction-set randomization for commodity systems
Ahmad et al. CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs.
Chen et al. AfterImage: Leaking control flow data and tracking load operations via the hardware prefetcher
Bresch et al. A red team blue team approach towards a secure processor design with hardware shadow stack
Piromsopa et al. Survey of protections from buffer-overflow attacks
Zhu et al. CPU security benchmark
CN106127054A (en) A kind of system-level safety protecting method towards smart machine control instruction
Chen et al. Lightweight and secure branch predictors against Spectre attacks
Schwarz Software-based Side-Channel Attacks and Defenses in Restricted Environments
Liu et al. A kernel stack protection model against attacks from kernel execution units
Wang et al. A Fine-Grained Hardware Security Approach for Runtime Code Integrity in Embedded Systems.
Zhang et al. Super Root: A New Stealthy Rooting Technique on ARM Devices
Alam et al. Making your program oblivious: a comparative study for side-channel-safe confidential computing
de Oliviera et al. Reverse branch target buffer poisoning
Sun et al. Kernel code integrity protection based on a virtualized memory architecture
Chen et al. Exploration for software mitigation to spectre attacks of poisoning indirect branches
Bresch et al. TrustFlow: A trusted memory support for data flow integrity
Kim et al. Fast and space-efficient defense against jump-oriented programming attacks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant