Design and implementation of hardware-based dynamic instruction set randomization framework
All the existing ISR methods have some defects including stripping data from code segment is hard to accomplish,static ISR has fixed key and pseudo-random key is not secure.To introduce ISR technology into the se-curity protection of kernel layer and application layer,hardware-based dynamic instruct...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2017-11-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00216 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | All the existing ISR methods have some defects including stripping data from code segment is hard to accomplish,static ISR has fixed key and pseudo-random key is not secure.To introduce ISR technology into the se-curity protection of kernel layer and application layer,hardware-based dynamic instruction set randomization framework (HDISR) was designed and implemented,in which program code was encrypted at loading time.Kernel encryption uses kernel key and applications encryption uses a different user key per process.The experimental re-sults show that HDISR can degrade code injection attack to Denial of Service attack with less than 2.57% additional hardware and 0.31s startup delay of each megabyte code encryption. |
|---|---|
| ISSN: | 2096-109X |