计算机工程 ›› 2009, Vol. 35 ›› Issue (10): 139-141.doi: 10.3969/j.issn.1000-3428.2009.10.045

• 安全技术 • 上一篇    下一篇

运行时刻的地址空间重复随机化方法

陆 明,王小黎,谢 立   

  1. (南京大学计算机科学与技术系计算机软件新技术国家重点实验室,南京 210093)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2009-05-20 发布日期:2009-05-20

Method of Address-space Re-randomization at Runtime

LU Ming, WANG Xiao-li, XIE Li   

  1. (State Key Laboratory of Novel Computer Software Technology, Department of Computer Science and Technology, Nanjing University, Nanjing 210093)
  • Received:1900-01-01 Revised:1900-01-01 Online:2009-05-20 Published:2009-05-20

摘要: 针对现有的地址空间随机化技术实施随机化时机有限的问题,提出一种在运行时刻能重复随机化部分地址空间对象的方法。通过修改动态连接器,在不重新启动受保护进程的情况下,重复随机化地址空间中的动态共享库。分析结果表明,该方法可成功地将攻击概率从O(pT)降低到 ,进一步增强地址空间随机化技术的防御能力。

关键词: 地址空间随机化, 细粒度随机化, 静态随机化, 动态随机化, 重复随机化

Abstract: Due to current address-space randomization techniques having only limited timings to deploy randomization, this paper proposes a new method to re-randomize the address space at runtime. By modifying the dynamic linker, this new method can randomize some kind of dynamic shared libraries in address space of target process without restarting. The result of analysis shows that the new method can reduce the probability of successful attack from O(pT) to .

Key words: address-space randomization, fine-grained randomization, static randomization, dynamic randomization, re-randomization

中图分类号: