Chinese Journal of Network and Information Security ›› 2018, Vol. 4 ›› Issue (3): 1-12. doi: 10.11959/j.issn.2096-109x.2018017

• Review •

Research progress in code reuse attack and defense techniques

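Xiangdong QIAO1, Rongxiao GUO1, Yong ZHAO2,3

  1. Information and Navigation College, Air Force Engineering University, Xi'an, Shaanxi 710077
  2. Department of Computer Science and Technology, Tsinghua University, Beijing 100871
  3. Jiangnan Institute of Computing Technology, Wuxi, Jiangsu 214083
  • Revised: 2018-01-26 Online: 2018-03-15 Published: 2018-04-09
  • About the authors: Xiangdong QIAO (1970-), male, born in Jiaxian, Shaanxi, Ph.D., associate professor at Air Force Engineering University; his main research interests are cyberspace security, information countermeasures and multi-sensor information fusion. | Rongxiao GUO (1982-), female, born in Lanzhou, Gansu, Ph.D., lecturer at Air Force Engineering University; her main research interest is cyberspace security. | Yong ZHAO (1978-), male, born in Fangzheng, Heilongjiang, Ph.D. candidate at Tsinghua University; his main research interest is network and information security.
  • Supported by:
    The National Natural Science Foundation of China (61672061)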

Research progress in code reuse attacking and defending

Xiangdong QIAO1, Rongxiao GUO1, Yong ZHAO2,3

  1. Information and Navigation College, Air Force Engineering University, Xi'an 710077, China
  2. Department of Computer Science and Technology, Peking University, Beijing 100871, China
  3. Jiangnan Institute of Computing Technology, Wuxi 214083, China
  • Revised: 2018-01-26 Online: 2018-03-15 Published: 2018-04-09
  • Supported by:
    The National Natural Science Foundation of China (61672061)

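Abstract:

Code reuse attacks carry out an attack using program code that is already present in the target, breaking the traditional assumption that malicious behavior always originates from outside. They are a typical representative of advanced memory attack techniques and a recent research hotspot in software security. First, the background and implementation mechanism of the technique are described. Second, recent research progress at home and abroad is reviewed systematically, covering improvements and variants, implementation methods on different architectures and platforms, automation, and important extensions of code reuse attacks, including blind code reuse attacks and non-control-data attacks based on code reuse. Third, defense mechanisms against code reuse attacks and methods for countering those defenses are discussed. Finally, development trends and research directions for code reuse attack and defense techniques are outlined.

Keywords: software security, code reuse, return-oriented programming, research progress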

Abstract:

Code reuse attacks use binary code that already exists in the attacked target to carry out the attack. The technique breaks the traditional assumption that malicious behavior is always introduced from the outside; it is a representative example of advanced memory corruption techniques and a current focus of attention in software security research. The background and implementation principle of the technique are described first. Recent progress is then introduced, including improvements and variants, implementation methods on different architecture platforms, automatic construction, and important extensions such as blind ROP and non-control data attacks based on code reuse. Various defense mechanisms against code reuse attacks and possible counter-defense methods are also discussed. Finally, a perspective on future work in this research area is given.

Key words: software security, code reuse, return-oriented programming (ROP), research progress
