Method against process control-flow hijacking based on mimic defense
To defeat the attack of process control flow hijacking, a threat model was established from the point of vulnerability utilization, and the fortress defense to cut off the key vulnerability utilization path was proposed.On the basis of studying the principle of mimic defense, a threat model of proce...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2021-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021013/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | To defeat the attack of process control flow hijacking, a threat model was established from the point of vulnerability utilization, and the fortress defense to cut off the key vulnerability utilization path was proposed.On the basis of studying the principle of mimic defense, a threat model of process mimic execution was proposed, and the threat model was analyzed and proved to be effective.Mimic execution could effectively cut off the attack path of control flow hijacking.The ptototype of mimic execution, MimicBox, was implemented.The validation experiment shows that MimicBox can effectively defend against most control flow hijacking attacks based on known binary vulnerabilities.The performance evaluation result shows that the overhead MimicBox lead to is less than 13% on CPU-intensive programs.The Comparative evaluation result shows that mimic execution is a more effective and practical active defense method compared with control flow integrity. |
|---|---|
| ISSN: | 1000-436X |