进程控制流完整性保护技术综述  被引量：3

作　　者：张正 薛静锋[2] 张静慈 陈田 谭毓安[1] 李元章[1] 张全新[1] ZHANG Zheng;XUE Jing-Feng;ZHANG Jing-Ci;CHEN Tian;TAN Yu-An;LI Yuan-Zhang;ZHANG Quan-Xin(School of Computer Science and Technology,Beijing Institute of Technology,Beijing 100081,China;School of Software,Beijing Institute of Technology,Beijing 100081,China)

机构地区：[1]北京理工大学计算机学院,北京100081 [2]北京理工大学软件学院,北京100081

出　　处：《软件学报》2023年第1期489-508,共20页Journal of Software

基　　金：国家自然科学基金(U1936218,62072037);之江实验室开放课题(2020LE0AB02)。

摘　　要：控制流劫持攻击利用程序内存漏洞获取程序的控制权,进而控制程序执行恶意代码,对系统安全造成极大的威胁.为了应对控制流劫持攻击,研究人员提出了一系列的防御手段.控制流完整性是一种运行时防御方法,通过阻止进程控制流的非法转移,来确保控制流始终处于程序要求的范围之内.近年来,越来越多的研究致力于解决控制流完整性的相关问题,例如提出新的控制流完整性方案、新的控制流完整性方案评估方法等.首先阐述了控制流完整性的基本原理,然后对现有控制流完整性方案进行了分类,并分别进行了分析,同时介绍了现有针对控制流完整性方案的评估方法与评价指标.最后,对控制流完整性的未来工作进行了展望,以期对未来的控制流完整性研究提供参考.Control-flow hijacking attacks exploit memory corruption vulnerabilities to grab control of the program,and then hijack the program to execute malicious code,which brings a great threat to system security.In order to prevent control-flow hijacking attacks,researchers have presented a series of defense methods.Control-flow integrity is a runtime defense method that prevents illegal transfer of process control-flow to ensure that control-flow is always within the range required by the program.In recent years,more and more research works are devoted to solving related problems of control-flow integrity,such as presenting new control-flow integrity schemes,new control-flow integrity scheme evaluation methods,etc.This study explains the basic principles of control flow integrity,and then classifies existing control flow integrity schemes.The existing evaluation methods and evaluation indicators of the control-flow integrity scheme are introduced at the same time.Finally,the thoughts on potential future work on control-flow integrity is summarized,which,hopefully,will provide an outlook of the research direction in the future.

关 键 词：控制流完整性 控制流劫持 控制流图 系统安全 

分 类 号：TP316[自动化与计算机技术—计算机软件与理论]