A Static Recognition Mechanism for Indirect Call Based on Static Single Assignment
详细信息 查看全文
- 作者:Shixiang Gao (18)
Tao Zheng (18) (19)
Xun Zhan (18)
Xianping Tao (19)
Qiaoming Zhu (20)
Junyuan Xie (19)
Wenyang Bai (19) - 关键词:indirect call ; static binary code analysis ; address space layout randomization ; embedded system ; security ; pervasive computing.
- 刊名:Lecture Notes in Computer Science
- 出版年:2014
- 出版时间:2014
- 年:2014
- 卷:8351
- 期:1
- 页码:110-117
- 全文大小:254 KB
- 参考文献:1. Ravi, S., Raghunathan, A., Kocher, P., et al.: Security in embedded systems: Design challenges. ACM Transactions on Embedded Computing Systems (TECS)?3(3), 461-91 (2004) CrossRef
2. Hsieh, G., Meeks, R., Marvel, L.: Supporting Secure Embedded Access Control Policy with XACML+ XML Security. In: 2010 5th International Conference on Future Information Technology (FutureTech), pp. 1-. IEEE (2010)
3. Cowan, C., Pu, C., Maier, D., et al.: StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th USENIX Security Symposium, vol.?81, pp. 346-55 (1998)
4. Cowan, C., Barringer, M., Beattie, S., et al.: FormatGuard: Automatic protection from printf format string vulnerabilities. In: Proceedings of the 10th USENIX Security Symposium, vol.?3 (2001)
5. Solar Designer. StackPatch, http://www.opwnwall.com/linux
6. Bhatkar, S., DuVarney, D.C., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium, vol.?120 (2003)
7. Kil, C., Jun, J., Bookholt, C., et al.: Address space layout permutation (aslp): Towards fine-grained randomization of commodity software. In: 22nd Annual on Computer Security Applications Conference, ACSAC 2006, pp. 339-48. IEEE (2006)
8. Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552-61. ACM (2007)
9. Jackson, T., Salamat, B., Wagner, G., et al.: On the effectiveness of multi-variant program execution for vulnerability detection and prevention. In: Proceedings of the 6th International Workshop on Security Measurements and Metrics, vol.?7. ACM (2010)
10. Shacham, H., Page, M., Pfaff, B., et al.: On the effectiveness of address space randomization. In: ACM conference on Computer and Communication s Security (CCS), Washington, DC, pp. 298-07 (2004)
11. Durden, T.: Bypassing pax aslr protection. Phrack Magazine?59(9), 9- (2002)
12. Wang, Z., Cheng, R., Gao, D.: Revisiting address space randomization. Information Security and Cryptology-ICISC 2011, 207-21 (2010)
13. Van Emmerik, M.J.: Static single assignment for decompilation. The University of Queensland (2007)
14. Appel, A.W.: Modern compiler implementation in Java. Cambridge University Press (1998)
15. Lang, B., Zhao, N., Ge, K., et al.: An XACML policy generating method based on policy view. In: Third International Conference on Pervasive Computing and Applications, ICPCA 2008, vol.?1, pp. 295-01. IEEE (2008)
16. Cytron, R., Ferrante, J., Rosen, B.K., et al.: Efficiently computing static single assignment form and the control dependence graph. ACM Transactions on Programming Languages and Systems (TOPLAS)?13(4), 451-90 (1991) CrossRef
17. Cifuentes, C., Simon, D.: Procedure abstraction recovery from binary code. In: Proceedings of the Fourth European Software Maintenance and Reengineering, pp. 55-4. IEEE (2000) - 作者单位:Shixiang Gao (18)
Tao Zheng (18) (19)
Xun Zhan (18)
Xianping Tao (19)
Qiaoming Zhu (20)
Junyuan Xie (19)
Wenyang Bai (19)
18. Software Institute, Nanjing University, 210093, Nanjing, China
19. National Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, China
20. School of Computer Science & Technology, Soochow University, 215006, Suzhou, China - ISSN:1611-3349
文摘
By preventing attacks which exploit stack buffer overflow vulnerabilities, address space layout?randomization is an effective way for embedded systems protection. However, ASLR will probably suffer exhaustive attacks because the pertinence is not strong. At present only coarse-grained randomization has been implemented because one of the key bottlenecks for fine-grained randomization is the dependencies between functions cannot be constructed completely due to indirect calls. As a result, we give a static inter-procedural?backtracking?recognition mechanism in this paper by using intermediate code analysis technologies to identify the destination addresses of indirect callings generated by function pointers.