检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]信息工程大学数学工程与先进计算国家重点实验室,河南郑州450001
出 处:《计算机应用与软件》2017年第12期313-320,共8页Computer Applications and Software
摘 要:指令集随机化技术是一种通过随机变换程序指令编码来抵御代码注入攻击的新型防御技术。现有指令集随机化技术还存在一定缺陷,如性能损耗大、指令数据混杂造成的编码难等。针对这些问题,提出一种基于编译置换的指令随机化技术。该技术在不降低防御效果的同时减少了随机化指令的数量,并在编译过程中实现了关键指令的随机置换,提高了指令随机化的性能和编码精确度。设计并实现了一套基于编译置换的指令随机化原型系统,验证了该技术的有效性。Instruction set injection attacks by random randomization technology is a new type of defense technology that protects against code transformation program instruction coding. The existing instruction set randomization technology also has some defects, such as large performance loss, mixed instruction and data can enhance the difficult of encoding. In order to solve these problems, a randomization technique based on compiler permutation was proposed. This technique reduces the number of randomization instructions without reducing the defense effect, and achieves the random replacement of the critical instruction in the compiling process, which improves the performance and coding accuracy of the instruction randomization. This paper designed and implemented compiled instruction randomization emulation based on compiling substitution and verified the effectiveness of the technique.
关 键 词:指令随机化 编译置换 SHELLCODE DynamoRIO 指令定位
分 类 号:TP309.1[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.170