
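A Defense Method Against Code-Injection Attacks Based on Instruction Set Randomization
Authors: Ma Bolin, Zhang Zheng, Chen Yuan, Wu Jiangxing
Affiliations: PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, China; PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, China; Jiangnan Institute of Computing Technology, Wuxi 214083, China; PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, China
Funding: This work was supported by the National Key R&D Program of China (No. 2018YFB0804003).
Abstract: Code-injection attacks are a major security threat to applications, Web applications in particular. Such an attack arises when an attacker exploits vulnerabilities or backdoors in an application to inject a malicious program into the server and execute it, or exploits the application's lack of validation and filtering of user-supplied parameters so that the input is executed as a malicious program, thereby achieving the goal of the attack. Existing defenses such as source-program analysis and input rule matching have inherent shortcomings against code-injection attacks. To improve the resistance of Web applications to code-injection attacks, this paper proposes an anti-code-injection method based on instruction set randomization. The defense does not depend on which attack technique the attacker uses and can withstand unknown code-injection attacks. Based on this technique and on dynamic and redundant construction methods, a prototype system is designed and modeled with a generalized stochastic Petri net (GSPN); the calculation shows that even an attacker with prior knowledge of the randomization method would find it extremely difficult to break through the system's defense mechanism. Although the method requires a randomizing transformation of the application source code, the processing is fully automated and generally applicable. Experiments and live-network tests show that the method can effectively resist most code-injection attacks and achieves active defense against attacks.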

Keywords: instruction set randomization; code-injection attack; generalized stochastic Petri net; active defense
Received: 2020/3/1 0:00:00
Revised: 2020/6/2 0:00:00

The Defense Method for Code-Injection Attacks Based on Instruction Set Randomization
Authors: MA Bolin, ZHANG Zheng, CHEN Yuan and WU Jiangxing
Affiliation: PLA Information Engineering University, Zhengzhou 450001, China; PLA Information Engineering University, Zhengzhou 450001, China; Jiangnan Institute of Computing Technology, Wuxi 214083, China; and PLA Information Engineering University, Zhengzhou 450001, China
Abstract: Code-injection attacks are one of the common types of security threat faced by Web applications. Such an attack occurs when an attacker injects malicious programs into the server by exploiting vulnerabilities and backdoors in applications, or takes advantage of applications that accept user input parameters without validation and filtering, so that malicious input parameters are executed. In addition, existing defense methods, such as application analysis and input analysis, have inherent defects in the face of code-injection attacks. In order to counteract the trend, we present a defense method for Web application code-injection attacks based on instruction set randomization. This method does not depend on the attack methods adopted by the attacker, so it can resist unknown code-injection attacks. Based on this method, we design a prototype system, whose security is calculated using a generalized stochastic Petri net (GSPN). Even if the attacker obtains prior knowledge of the randomization method, it is difficult to break the system. Although the source code of Web applications must be modified, this process is fully automated and universal. Experiments show that this method can effectively resist code-injection attacks and achieve proactive defense.
Keywords: instruction set randomization; code-injection attack; generalized stochastic Petri net; active defense