引用本文
  • 黄庆佳,黄思聪,贾晓启,周梦婷,付玉霞,谢静,刘冠廷,冯文治.进程内部空间隔离研究综述[J].信息安全学报,已采用    [点击复制]
  • Huang Qingjia,Huang Sicong,Jia Xiaoqi,Zhou Mengting,Fu Yuxia,Xie Jing,Liu Guanting,Feng Wenzhi.A Survey on Intra-process Memory Isolation Technology[J].Journal of Cyber Security,Accept   [点击复制]
【打印本页】 【下载PDF全文】 查看/发表评论下载PDF阅读器关闭

过刊浏览    高级检索

本文已被:浏览 6102次   下载 4907  
进程内部空间隔离研究综述
黄庆佳, 黄思聪, 贾晓启, 周梦婷, 付玉霞, 谢静, 刘冠廷, 冯文治
0
(中国科学院信息工程研究所)
摘要:
近些年系统安全防御机制有着显著的发展进步,但是内存损坏漏洞依旧对现代软件的安全性构成了巨大的威胁,其仍是现代应用程序中最普遍和最危险的安全漏洞之一。然而现代操作系统所提供内存隔离机制仅作用于进程之间,未能有效支持在进程内部建立安全隔离边界,如果目标进程中存在内存损坏漏洞,攻击者便可利用该类型漏洞破坏进程自身代码的安全性、恶意访问进程内部的敏感信息、或劫持程序原本的执行流进而控制整个应用进程。进程内部空间隔离通过将原本单一的进程空间划分为多个相互隔离的内存区域,不仅可以保护进程内特殊模块的安全性,也可以保护进程内部敏感信息,同时也能用于检测、监控和防御进程内不可信模块的恶意行为,从而降低漏洞带来的安全风险,极大程度地提高相关应用程序的安全性和健壮性。为此研究人员设计了大量用于加强进程内部空间隔离效果的研究方案。本文首先对进程内部空间隔离技术进行整体概述,其次通过比较进程内部空间隔离与传统安全机制体现进程内部空间隔离机制的优势与必要性。接下来本文分析总结了各种安全机制的研究现状,然后对当前进程内部空间隔离的实现机制进行总结并指出相关研究的发展趋势以及如何实现更安全更高效的进程内部空间隔离机制,同时将各安全机制抽象成四个指标进行对比分析。最后结合目前存在的问题,展望了进程内部隔离方案的未来相关研究方向。
关键词:  内存损坏漏洞  进程内部空间隔离  隐私信息安全
DOI:10.19363/J.cnki.cn10-1380/tn.2024.08.16
投稿时间:2023-01-05修订日期:2023-04-19
基金项目:国家自然科学基金项目(面上项目,重点项目,重大项目)
A Survey on Intra-process Memory Isolation Technology
Huang Qingjia, Huang Sicong, Jia Xiaoqi, Zhou Mengting, Fu Yuxia, Xie Jing, Liu Guanting, Feng Wenzhi
(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
System security defense mechanisms have evolved significantly in recent years, but memory corruption vulnerabilities continue to pose a significant threat to the security of modern software and remain one of the most prevalent and dan-gerous security vulnerabilities in modern applications. However, the memory isolation mechanisms provided by modern operating systems only work between processes and do not effectively support the establishment of secure isolation boundaries within processes. If a memory corruption vulnerability exists in the target process, an attacker could use this type of vulnerability to compromise the security of the process"s own code, maliciously access sensitive information inside the process, or hijack the original execution flow of the program to take control of the entire application process. By dividing the original single process memory space into multiple mutually isolated memory areas, intra-process space isolation not only protects the security of special modules within the process, but also protects sensitive information within the process, and can also be used to detect, monitor and defend against malicious behavior of untrusted modules within the process, thus reducing the security risk caused by vulnerabilities and greatly improving the security and ro-bustness of related applications. To this end, researchers have designed a number of research schemes for enhancing the spatial isolation effect within the process. In this paper, we first give a general overview of the intra-process memory isolation technology, and secondly demonstrate the advantages and necessity of the intra-process memory isolation mechanism by comparing it with traditional security mechanisms. Next, we analyze and summarize the current research status of various security mechanisms, and then summarize the current implementation mechanism of intra-process memory isolation and point out the development trend of related research and how to achieve a safer and more efficient intra-process memory isolation mechanism, while abstracting each security mechanism into four indicators for compari-son and analysis. Finally, we look into the future research directions related to the intra-process memory isolation, con-sidering the current problems.
Key words:  memory corruption vulnerability  intra-process memory isolation  privacy and information security