
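Research on and Improvement of Runtime Randomization Defenses Against Memory Information Leakage

Published: 2018-01-27 03:33

Keywords: runtime randomization; code-reuse attacks; return-oriented programming; memory information leakage; software security. Source: Nanjing University, 2017 master's thesis. Document type: degree thesis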


[Abstract]: Runtime randomization is a defense proposed against code-reuse attacks that rely on memory information leakage. Randomization is triggered while the program is running, which makes it difficult for an attacker to obtain valid memory layout information with which to build an attack. The existing runtime randomization method TASR uses the paired occurrence of write/read operations as its trigger condition. This trigger condition is too broad, however: write operations that carry no risk also trigger runtime randomization, which degrades program performance, and I/O-intensive programs are affected especially severely. This thesis therefore studies runtime randomization defenses against memory information leakage and refines the trigger condition in order to avoid unnecessary and time-consuming randomization operations and to improve the effectiveness of runtime randomization. The main research work is as follows:

(1) The thesis analyzes and summarizes the different types of memory layout information leakage and the principles of randomization-based defenses, with a focus on the runtime overhead of existing runtime randomization methods and on why their trigger conditions are unreasonable. TASR's trigger condition is the paired occurrence of write/read operations, so benign write operations also trigger runtime randomization and cause a loss of program performance.

(2) To refine the trigger condition, the thesis defines the concept of a security-sensitive region and uses a write operation's access to a security-sensitive region as the trigger condition for randomization. It also gives methods for analyzing and extracting a program's security-sensitive regions and for checking them while the program runs. A security-sensitive region is a memory region containing information that helps an attacker analyze the program's memory layout. A write operation that accesses such a region can give the attacker information about the memory layout, and is therefore a risky memory access. The extent of the security-sensitive regions is obtained by analyzing the metadata of the object file and by monitoring the load/unload process. The target accessed by each write operation is then checked for intersection with the security-sensitive regions, which separates risky operations from risk-free ones and thereby refines the trigger condition.

(3) Information about the security-sensitive regions is extracted by analyzing the segment table and section table of the object file, and the system calls related to load/unload operations are monitored to determine the final locations of the regions. The input/output-related system calls are then monitored to decide whether runtime randomization should be triggered. A prototype system of the improved method was implemented on this basis.

Theoretical analysis shows that the improved method retains the same security as the original method. A service-capacity experiment was carried out with the Nginx web server as the sample I/O-intensive program. The experimental results show that the improved method significantly reduces the extra overhead that the original method imposes on I/O-intensive programs.
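The trigger decision described in the abstract, as an added C sketch that is not code from the thesis or its prototype: a table of security-sensitive regions is updated on load/unload, and each output call's buffer is tested for intersection with it. All function names, the fixed-size table and the addresses used to exercise it are assumptions made for illustration; which regions count as sensitive is left to the caller.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define MAX_REGIONS 64

/* One security-sensitive region as a half-open range [start, end). */
struct region { uintptr_t start, end; };

static struct region regions[MAX_REGIONS];
static size_t nregions;

/* Called when a load fixes the final address of a sensitive region. */
bool region_add(uintptr_t start, size_t len) {
    if (len == 0 || nregions == MAX_REGIONS || start > UINTPTR_MAX - len)
        return false;
    regions[nregions++] = (struct region){ start, start + len };
    return true;
}

/* Called on unload: drop regions that lie fully inside the unmapped range.
 * Partially unmapped regions are kept, which errs on the conservative side. */
size_t region_remove(uintptr_t start, size_t len) {
    uintptr_t end = (start > UINTPTR_MAX - len) ? UINTPTR_MAX : start + len;
    size_t kept = 0, removed = 0;
    for (size_t i = 0; i < nregions; i++) {
        if (regions[i].start >= start && regions[i].end <= end)
            removed++;
        else
            regions[kept++] = regions[i];
    }
    nregions = kept;
    return removed;
}

/* Trigger decision for an output call: does [buf, buf+count) touch a region? */
bool write_needs_rerandomize(const void *buf, size_t count) {
    uintptr_t lo = (uintptr_t)buf;
    if (count == 0)
        return false;               /* nothing leaves the process */
    if (lo > UINTPTR_MAX - count)
        return true;                /* wrapping range cannot be validated */
    uintptr_t hi = lo + count;
    for (size_t i = 0; i < nregions; i++)
        if (lo < regions[i].end && regions[i].start < hi)
            return true;            /* buffer overlaps a sensitive region */
    return false;                   /* benign write: skip randomization */
}
```

A linear scan is enough for a handful of regions; a monitor tracking many mappings would keep the table sorted and use binary search.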
[Degree-granting institution]: Nanjing University
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP333.1;TP309
