面向动态生成代码的攻防技术综述

吴炜; 霍玮; 邹维

引用本文：

吴炜,霍玮,邹维.面向动态生成代码的攻防技术综述[J].信息安全学报,2016,1(4):52-64 [点击复制]
WU Wei,HUO Wei,ZOU Wei.Survey on Attacking and Defending Technologies of Dynamic Code Generation[J].Journal of Cyber Security,2016,1(4):52-64 [点击复制]

本文已被：浏览 6113次下载 6971次	码上扫一扫！
面向动态生成代码的攻防技术综述
吴炜^1,2,3,4, 霍玮^1,2,3,4, 邹维^1,2,3,4
0 字体:加大+\|默认\|缩小-
(1.中国科学院信息工程研究所北京中国 100093;2.中国科学院网络测评技术重点实验室北京中国 100195;3.网络安全防护技术北京市重点实验室北京中国 100195;4.中国科学院大学北京中国 100049)

摘要:

动态代码生成技术广泛使用在浏览器、Flash播放器等重要日常软件中，近年来其中曝出严重的安全问题，为控制流劫持攻击和相应的防御提供了新机会，受到越来越多的关注。针对动态生成代码在数据区且可被执行和直接依赖输入的特性，本文从代码注入攻击和代码重用攻击两个角度总结分析了控制流劫持攻击新技术，并从强制性防御和闪避防御（Moving target defense）两个角度对相关的主要防御新方法进行了阐述。同时提出动态代码生成系统安全性的衡量模型，对代表性防御技术进行对比分析和评估，并探讨了面向动态生成代码攻防技术的发展趋势和下一步的研究方向。

关键词: 软件安全即时编译动态二进制翻译控制流劫持防御技术

DOI：10.19363/j.cnki.cn10-1380/tn.2016.04.005

投稿时间：2016-06-15修订日期：2016-08-03

基金项目:本课题得到中国科学院百人计划[人字（2013）46号]、北京市科委重点项目课题"行业场景构建与漏洞分析关键技术研究"（D161100001216001）和中国科学院战略性先导科技专项“重点行业应用系统信息安防关键技术研究”（XDA06010703）资助。

Survey on Attacking and Defending Technologies of Dynamic Code Generation

WU Wei^1,2,3,4, HUO Wei^1,2,3,4, ZOU Wei^1,2,3,4

(1.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;2.Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences, Beijing 100195, China;3.Beijing Key Laboratory of Network Security and Protection Technology, Beijing 100195, China;4.University of Chinese Academy of Sciences, Beijing 100049, China)

Abstract:

Dynamic code generation (DCG) is a technique widely deployed in important daily software such as web browser and Flash player. The threat posed by dynamic code generation has gained more and more attention in recent years because it provides new opportunities for control flow hijacking attack. In this paper, we summarize new control flow hijack attacks against DCG based on the paradigm that DCG generates executable code according to input program on-the-fly in two categories: code injection attack and code reuse attack. We systematically present the defense mechanisms for DCG in two categories: enforcement-based defense and moving target defense. We propose a model to evaluate existing defense technology based on defense benefit and defense cost. We also analyze the developing trend of attacking/defending technologies on dynamic code generation and give some suggestions on future research.

Key words: software security JIT compilation dynamic binary translation control flow hijack defense mechanism