Method against process control-flow hijacking based on mimic defense
To defeat the attack of process control flow hijacking, a threat model was established from the point of vulnerability utilization, and the fortress defense to cut off the key vulnerability utilization path was proposed.On the basis of studying the principle of mimic defense, a threat model of proce...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2021-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021013/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539281457250304 |
|---|---|
| author | Chuanxing PAN Zheng ZHANG Bolin MA Yuan YAO Xinsheng JI |
| author_facet | Chuanxing PAN Zheng ZHANG Bolin MA Yuan YAO Xinsheng JI |
| author_sort | Chuanxing PAN |
| collection | DOAJ |
| description | To defeat the attack of process control flow hijacking, a threat model was established from the point of vulnerability utilization, and the fortress defense to cut off the key vulnerability utilization path was proposed.On the basis of studying the principle of mimic defense, a threat model of process mimic execution was proposed, and the threat model was analyzed and proved to be effective.Mimic execution could effectively cut off the attack path of control flow hijacking.The ptototype of mimic execution, MimicBox, was implemented.The validation experiment shows that MimicBox can effectively defend against most control flow hijacking attacks based on known binary vulnerabilities.The performance evaluation result shows that the overhead MimicBox lead to is less than 13% on CPU-intensive programs.The Comparative evaluation result shows that mimic execution is a more effective and practical active defense method compared with control flow integrity. |
| format | Article |
| id | doaj-art-72e844858f8f49a087a42950874e98c2 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2021-01-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-72e844858f8f49a087a42950874e98c22025-01-14T07:21:27ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2021-01-0142374759739579Method against process control-flow hijacking based on mimic defenseChuanxing PANZheng ZHANGBolin MAYuan YAOXinsheng JITo defeat the attack of process control flow hijacking, a threat model was established from the point of vulnerability utilization, and the fortress defense to cut off the key vulnerability utilization path was proposed.On the basis of studying the principle of mimic defense, a threat model of process mimic execution was proposed, and the threat model was analyzed and proved to be effective.Mimic execution could effectively cut off the attack path of control flow hijacking.The ptototype of mimic execution, MimicBox, was implemented.The validation experiment shows that MimicBox can effectively defend against most control flow hijacking attacks based on known binary vulnerabilities.The performance evaluation result shows that the overhead MimicBox lead to is less than 13% on CPU-intensive programs.The Comparative evaluation result shows that mimic execution is a more effective and practical active defense method compared with control flow integrity.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021013/control-flow hijackingmimic defensemimic executionprototypeevaluation |
| spellingShingle | Chuanxing PAN Zheng ZHANG Bolin MA Yuan YAO Xinsheng JI Method against process control-flow hijacking based on mimic defense Tongxin xuebao control-flow hijacking mimic defense mimic execution prototype evaluation |
| title | Method against process control-flow hijacking based on mimic defense |
| title_full | Method against process control-flow hijacking based on mimic defense |
| title_fullStr | Method against process control-flow hijacking based on mimic defense |
| title_full_unstemmed | Method against process control-flow hijacking based on mimic defense |
| title_short | Method against process control-flow hijacking based on mimic defense |
| title_sort | method against process control flow hijacking based on mimic defense |
| topic | control-flow hijacking mimic defense mimic execution prototype evaluation |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021013/ |
| work_keys_str_mv | AT chuanxingpan methodagainstprocesscontrolflowhijackingbasedonmimicdefense AT zhengzhang methodagainstprocesscontrolflowhijackingbasedonmimicdefense AT bolinma methodagainstprocesscontrolflowhijackingbasedonmimicdefense AT yuanyao methodagainstprocesscontrolflowhijackingbasedonmimicdefense AT xinshengji methodagainstprocesscontrolflowhijackingbasedonmimicdefense |