Abstract:
Dynamic code generation techniques are widely used in important everyday software such as browsers and Flash players. In recent years serious security problems have been exposed in them, providing new opportunities for control flow hijacking attacks and the corresponding defenses, and attracting growing attention. Based on the defining characteristics of dynamically generated code, namely that it resides in data regions yet is executable and depends directly on input, this paper summarizes and analyzes new control flow hijacking attack techniques from two angles, code injection attacks and code reuse attacks, and describes the main new defense methods from two angles, enforcement-based defense and moving target defense. It also proposes a model for measuring the security of dynamic code generation systems, compares and evaluates representative defense techniques, and discusses development trends and next research directions for attack and defense techniques targeting dynamically generated code.
Key words: software security; JIT compilation; dynamic binary translation; control flow hijacking; defense techniques
DOI: 10.19363/j.cnki.cn10-1380/tn.2016.04.005
Received: 2016-06-15; Revised: 2016-08-03
Funding: This work was supported by the Hundred Talents Program of the Chinese Academy of Sciences [Ren Zi (2013) No. 46], the Beijing Municipal Science and Technology Commission key project "Research on Key Technologies for Industry Scenario Construction and Vulnerability Analysis" (D161100001216001), and the Strategic Priority Research Program of the Chinese Academy of Sciences "Research on Key Technologies for Information Security of Application Systems in Key Industries" (XDA06010703).
|
Survey on Attacking and Defending Technologies of Dynamic Code Generation
WU Wei, HUO Wei, ZOU Wei
Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences, Beijing 100195, China; Beijing Key Laboratory of Network Security and Protection Technology, Beijing 100195, China; University of Chinese Academy of Sciences, Beijing 100049, China
Abstract:
Dynamic code generation (DCG) is a technique widely deployed in important everyday software such as web browsers and the Flash player. The threat posed by dynamic code generation has gained increasing attention in recent years because it provides new opportunities for control flow hijacking attacks. In this paper, we summarize new control flow hijacking attacks against DCG, based on the paradigm that DCG generates executable code on the fly according to the input program, in two categories: code injection attacks and code reuse attacks. We systematically present the defense mechanisms for DCG in two categories: enforcement-based defense and moving target defense. We propose a model to evaluate existing defense technologies based on defense benefit and defense cost. We also analyze the development trend of attacking and defending technologies for dynamic code generation and give suggestions for future research.
Key words: software security; JIT compilation; dynamic binary translation; control flow hijacking; defense mechanism