A buffer overflow detection and defense method based on RiSC-V instruction set extension  

作　　者：Chang Liu Yan-Jun Wu Jing-Zheng Wu Chen Zhao 

机构地区：[1]Intelligent Software Research Center,Institute of Software,Chinese Academy of Sciences,Bejing,China [2]University of Chinese Academy of Sciences,Beijing,China [3]State Key Laboratory of Computer Science,Institute of Software,Chinese Academy of Sciences,Beijing,China

出　　处：《Cybersecurity》2024年第2期28-43,共16页网络空间安全科学与技术（英文）

基　　金：Strategic Priority Research Program of CAS(XDC05040000).

摘　　要：Buffer overflow poses a serious threat to the memory security of modern operating systems.It overwrites the con-tents of other memory areas by breaking through the buffer capacity limit,destroys the system execution environ-ment,and provides implementation space for various system attacks such as program control flow hijacking.That makes it a wide range of harms.A variety of security technologies have been proposed to deal with system security problems including buffer overflow.For example,No eXecute(NX for short)is a memory management technology commonly used in Harvard architecture.It can refuse the execution of code which residing in a specific memory,and can effectively suppress the abnormal impact of buffer overflow on control flow.Therefore,in recent years,it has also been used in the field of system security,deriving a series of solutions based on NX technology,such as ExecShield,DEP,StackGuard,etc.However,these security solutions often rely too much on the processor archi-tecture so that the protection coverage is insufficient and the accuracy is limited.Especially in the emerging system architecture field represented by RiSC-V,there is still a lack of effective solutions for buffer overflow vulnerabilities.With the continuous rapid development of the system architecture,it is urgent to develop defense methods that are applicable to different system application environments and oriented to all executable memory spaces to meet the needs of system security development.Therefore,we propose BOP,A new system memory security design method based on RISC-V extended instructions,to build a RISC-V buffer overflow detection and defense system and deal with the buffer overflow threat in RIsC-V.According to this method,NX technology can be combined with program control flow analysis,and Nx bit mechanism can be used to manage the executability of memory space,so as to achieve a more granular detection and defense of buffer overflow attacks that may occur in RISC-V system environment.In addition,The memory management an

关 键 词：RISc-V Operating system security Buffer overflow Control flow hijacking Nx bit Xibop 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]