Funding: Supported in part by the National Natural Science Foundation of China (62272351, 61972297, 62172308).
Abstract: Memory-unsafe programming languages, such as C/C++, are often used to develop system programs, rendering the programs susceptible to a variety of memory corruption attacks. Among these threats, just-in-time return-oriented programming (JIT-ROP) stands out as an advanced method for conducting code-reuse attacks, effectively circumventing code randomization safeguards. JIT-ROP leverages memory disclosure vulnerabilities to obtain reusable code fragments dynamically and assemble malicious payloads dynamically. In response to JIT-ROP attacks, several re-randomization implementations have been developed to prevent the use of disclosed code. However, existing re-randomization methods require recurrent re-randomization during program runtime according to fixed time windows or specific events such as system calls, incurring significant runtime overhead. In this paper, we present the design and implementation of PtrProxy, an efficient re-randomization approach on the AArch64 platform. Unlike previous methods that necessitate frequent runtime re-randomization or rely on unreliable triggering conditions, this approach triggers the re-randomization process by detecting the code page harvest operation, which is a fundamental operation of JIT-ROP attacks, making our method more efficient and reliable than previous approaches. We evaluate PtrProxy on benchmarks and real-world applications. The evaluation results show that our approach can effectively protect programs from JIT-ROP attacks while introducing marginal runtime overhead.
Abstract: After describing the characteristics of programming paradigm, this paper introduces the approach of code component composition reuse in detail, and proposes and discusses the viewpoint that code component composition reuse is a kind of new programming paradigm. This paper also specifies the characteristics of this new programming paradigm in detail, and points out some issues that must be resolved for using this new programming paradigm.
Funding: Supported by the National Natural Science Foundation of China (No. 61772270).
Abstract: Software developers often write code that has similar functionality to existing code segments. A code recommendation tool that helps developers reuse these code fragments can significantly improve their efficiency. Several methods have been proposed in recent years. Some use sequence matching algorithms to find the related recommendations. Most of these methods are time-consuming and can leverage only low-level textual information from code. Others extract features from code and obtain similarity using numerical feature vectors. However, the similarity of feature vectors is often not equivalent to the original code’s similarity. Structural information is lost during the process of transforming abstract syntax trees into vectors. We propose an approximate sub-tree matching based method to solve this problem. Unlike existing tree-based approaches that match feature vectors, it retains the tree structure of the query code in the matching process to find code fragments that best match the current query. It uses a fast approximation sub-tree matching algorithm by transforming the sub-tree matching problem into the match between the tree and the list. In this way, the structural information can be used for code recommendation tasks that have high time requirements. We have constructed several real-world code databases covering different languages and granularities to evaluate the effectiveness of our method. The results show that our method outperforms two compared methods, SENSORY and Aroma, in terms of the recall value on all the datasets, and can be applied to large datasets.