Computer Engineering, 2024, Vol. 50, Issue (1): 138-144, 7. DOI: 10.19678/j.issn.1000-3428.0066174
Binary Code-Oriented Fine-Grained Software Diversification Method
Abstract
Most software diversification methods require source code and generate variant binaries based on the compilers used. However, when converting binary code directly, reversing it correctly is difficult owing to insufficient debugging information, and high performance overheads are easily incurred. Hence, a fine-grained software diversification method for binary code is proposed herein. Static binary rewriting technology is used to reorder function blocks, randomizing the original position of functions in code snippets and changing the position of gadgets in the program's memory segments, so that attackers lose their prior knowledge of the program; this defends against large-scale code-reuse attacks. To further increase the difficulty for attackers, dependency analysis is performed on the instructions within each basic block, and the instructions within the basic block are randomized while the original semantics of the basic block are maintained. Performance test results show that the effect of function reordering on the survival rate of gadgets is greater than that of instruction reordering within the basic block. When both are performed simultaneously, the average survival rate of gadgets in the program is 5.71%. Comparison based on the fuzzy hash algorithm TLSH shows that this method can effectively avoid homology detection. Test results obtained using the tool BinDiff show that the heterogeneity of instruction reordering within the basic block after diversification is greater than that of function reordering. Moreover, on the benchmark test set SPEC CPU2006, when both function reordering and instruction reordering are performed simultaneously, the average operating cost is only 3.1%, thus indicating good practicality.
Keywords
software diversification/code-reuse attacks/binary rewriting/code randomization/data dependency
Classification
Information Technology and Security Science
Cite this article
HE Benwei, GUO Yunfei, LIANG Hao, WANG Qingfeng. Binary Code-Oriented Fine-Grained Software Diversification Method [J]. Computer Engineering, 2024, 50(1): 138-144, 7.
Funding
National Natural Science Foundation of China (62002383)
National Key Research and Development Program of China (2021YFB1006200, 2021YFB1006201)