{"title":"基于保长置换的指令集随机化","authors":"Jianming Fu, Xu Zhang, Yan Lin","doi":"10.1109/Trustcom.2015.397","DOIUrl":null,"url":null,"abstract":"Traditional instruction randomization using XOR operator or AES encryption is lack of instruction semantics after transforming and is not beneficial to the fast implementation on hardware, and its security only relies on a random key. This paper proposes an Instruction-Set Randomization using Length-preserving Permutation (LP-ISR). This approach can defend against code-injection attacks by transforming the instruction-set using multidimensional-hash instruction tables, instruction permutation tables and a random key. Simultaneously, the instruction semantics has been preserved after transformation, which is suitable to the fast implementation on hardware. In contrast with traditional approaches, the security of LP-ISR depends on the multidimensional-hash instruction tables, the size of instruction-set, the instruction permutation tables and the random key, which extends the security of LP-ISR from a simple key to efficient data structure. Finally, we have implemented LP-ISR using a dynamic binary instrumentation tool Pin and our experimental results demonstrate that our approach is feasible and acceptable.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"An Instruction-Set Randomization Using Length-Preserving Permutation\",\"authors\":\"Jianming Fu, Xu Zhang, Yan Lin\",\"doi\":\"10.1109/Trustcom.2015.397\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Traditional instruction randomization using XOR operator or AES encryption is lack of instruction semantics after transforming and is not beneficial to the fast implementation on hardware, and its security only relies on a random key. This paper proposes an Instruction-Set Randomization using Length-preserving Permutation (LP-ISR). This approach can defend against code-injection attacks by transforming the instruction-set using multidimensional-hash instruction tables, instruction permutation tables and a random key. Simultaneously, the instruction semantics has been preserved after transformation, which is suitable to the fast implementation on hardware. In contrast with traditional approaches, the security of LP-ISR depends on the multidimensional-hash instruction tables, the size of instruction-set, the instruction permutation tables and the random key, which extends the security of LP-ISR from a simple key to efficient data structure. Finally, we have implemented LP-ISR using a dynamic binary instrumentation tool Pin and our experimental results demonstrate that our approach is feasible and acceptable.\",\"PeriodicalId\":277092,\"journal\":{\"name\":\"2015 IEEE Trustcom/BigDataSE/ISPA\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE Trustcom/BigDataSE/ISPA\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/Trustcom.2015.397\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Trustcom/BigDataSE/ISPA","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/Trustcom.2015.397","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Instruction-Set Randomization Using Length-Preserving Permutation
Traditional instruction randomization using XOR operator or AES encryption is lack of instruction semantics after transforming and is not beneficial to the fast implementation on hardware, and its security only relies on a random key. This paper proposes an Instruction-Set Randomization using Length-preserving Permutation (LP-ISR). This approach can defend against code-injection attacks by transforming the instruction-set using multidimensional-hash instruction tables, instruction permutation tables and a random key. Simultaneously, the instruction semantics has been preserved after transformation, which is suitable to the fast implementation on hardware. In contrast with traditional approaches, the security of LP-ISR depends on the multidimensional-hash instruction tables, the size of instruction-set, the instruction permutation tables and the random key, which extends the security of LP-ISR from a simple key to efficient data structure. Finally, we have implemented LP-ISR using a dynamic binary instrumentation tool Pin and our experimental results demonstrate that our approach is feasible and acceptable.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
