代码重用攻击与防御机制综述

由于C与C++等计算机程序中广泛存在的漏洞,攻击者可以通过这些漏洞读取或篡改内存中的数据,改变计算机程序原有的执行状态达到破坏的目的。为此研究者进行了不懈地努力并采取了一些卓有成效的保护机制,例如数据不可执行与内存布局随机化,这些防御机制对于早期的代码注入攻击起到了极好的防御效果,然而计算机系统的安全性依然不容乐观。攻击者在无法通过向内存中注入自己的代码并执行的方式完成攻击后,开始利用内存中原有的代码,通过控制它们执行的顺序来达到自己的目的,这种攻击方式称为代码重用攻击,它具有极大的威胁性,能够绕过多种现行的安全措施,并成为攻击者的主流攻击方式。为此,研究界针对代码重用攻击的研究也逐渐增多。本文简述了代码重用攻击的起源,攻击实现的方式,系统化地总结了现有的防御机制并对这些防御机制进行了评价。对代码重用攻击的根本原因进行了简要的分析,并提出了一种新的防御机制设计思路。

A Survey of Code Reuse Attack and Defense Mechanisms

Due to the wide existence of vulnerabilities in computer programs such as C and C++, computer systems is vulnerable to be tampered by adversary changing the original running states. Researchers have made great efforts and take some effective protection mechanisms, for instance, Data Execution Prevention and Address Space Layout Randomization. These security mechanisms have a great effect against the primitive attack patterns like code-injection attack. However, the security of computer system is still not optimistic. Though the adversary could not inject their own codes into the memory then run them ever again, they began to use the original benign codes in the memory, manipulate them to achieve malicious purpose by changing their order of operating, which is called code-reuse attack. And it is able to bypass a variety of security mechanisms of commodity computer systems, thus it has become a major threat and the main pattern of hacking. For this reason, researches about code-reuse attack have been taken up in recent years. This paper illustrates the origin of code-reuse attack and achieved way of attack, summarizes the existing defense mechanisms and simply evaluates these defense mechanisms systematically. Meanwhile, this paper analyzes briefly the basic reason of code reuse attack and puts forward an new idea of defense mechanism designing.