Abstract
As modern systems widely deploy protective measures for control data in memory, such as Control-Flow Integrity (CFI), attackers' ability to manipulate control data is greatly restricted. Consequently, attackers are turning to opportunities to manipulate non-control data in memory (known as Data-Oriented Attacks, or DOAs), which have been proven to pose significant security threats to memory. However, existing techniques to mitigate DOAs often introduce significant overhead due to the indiscriminate protection of a large range of data objects. To address this challenge, this paper adopts a Cyberspace Mimic Defense (CMD) strategy, a generic framework for addressing endogenous security vulnerabilities, to prevent attackers from executing DOAs using known or unknown security flaws. Specifically, we introduce a formalized expression algorithm that assesses whether DOA attackers can construct inputs to exploit vulnerability points. Building on this, we devise a key-area CMD strategy that modifies the coded pathway from input to the vulnerability point, thereby effectively thwarting the activation of the vulnerability. Finally, our experiments on real-world applications and simulation demonstrate that the key-area CMD strategy can effectively prevent DOAs by selectively diversifying parts of the program code.
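The abstract contrasts control-data attacks, which CFI restricts, with data-oriented attacks that reach their goal without touching any code pointer. The following C program is an added illustration of that distinction and is not code from the paper: the struct layout, the function names `load_session_unchecked` / `load_session_checked`, and the constructed input are all assumptions chosen for the example. It models the "vulnerability point" as an unchecked copy into a fixed-size name field that sits directly before a privilege flag, shows that the flag (non-control data) flips without any control-flow transfer being altered, and places a bounds-checked variant beside it that removes the path from input to the flag. The paper's own key-area CMD strategy (selective code diversification) is not reproduced here.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* Constructed example record: a fixed-size name buffer immediately followed by
 * a non-control privilege flag. No function pointer or return address is
 * involved, so a CFI policy has nothing to check on this path. */
struct session {
    char name[NAME_LEN];
    int  is_admin;          /* non-control data that decides authorization */
};

/* Vulnerable variant (the "vulnerability point"): the caller-supplied length is
 * never compared against sizeof(name). To keep the model well-defined C, the
 * copy is clamped to the enclosing struct object, but any bytes beyond
 * name[NAME_LEN-1] overlay is_admin. Returns the resulting is_admin value. */
int load_session_unchecked(struct session *s, const unsigned char *in, size_t len)
{
    memset(s, 0, sizeof *s);
    if (len > sizeof *s)    /* clamps only to the object, not to the name field */
        len = sizeof *s;
    memcpy((unsigned char *)s + offsetof(struct session, name), in, len);
    return s->is_admin;
}

/* Hardened variant: rejects any input that would not fit in name[] together with
 * its terminating NUL, so no input can reach is_admin through this function.
 * Returns 0 on success, -1 when the input is rejected (is_admin stays 0). */
int load_session_checked(struct session *s, const unsigned char *in, size_t len)
{
    memset(s, 0, sizeof *s);
    if (len >= sizeof s->name)
        return -1;
    memcpy(s->name, in, len);
    s->name[len] = '\0';
    return 0;
}

/* Builds a constructed over-long input: NAME_LEN filler bytes followed by
 * sizeof(int) bytes of 0x01, which yields a non-zero is_admin on any byte order
 * if they land on the flag. Returns the number of bytes written, 0 if cap is
 * too small. */
size_t build_overlong_input(unsigned char *buf, size_t cap)
{
    const size_t need = NAME_LEN + sizeof(int);
    if (cap < need)
        return 0;
    memset(buf, 'A', NAME_LEN);
    memset(buf + NAME_LEN, 0x01, sizeof(int));
    return need;
}

int main(void)
{
    unsigned char in[32];
    struct session s;
    size_t n = build_overlong_input(in, sizeof in);

    printf("unchecked copy: is_admin = %d (flag set without any control-flow change)\n",
           load_session_unchecked(&s, in, n));
    printf("checked copy:   rc = %d, is_admin = %d\n",
           load_session_checked(&s, in, n), s.is_admin);
    return 0;
}
```

Running the program shows the unchecked path reporting a non-zero `is_admin` from a 20-byte input while the checked path returns -1 and leaves the flag at 0; the point for a defender is that the first outcome is invisible to control-data protections, which is why the abstract argues for protecting the input-to-vulnerability pathway rather than relying on CFI alone.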
Funding
Supported by the National Key R&D Program of China (2022YFB3102800).