Skip to main content
SpringerLink
Log in

A Static Recognition Mechanism for Indirect Call Based on Static Single Assignment

  • Conference paper
Pervasive Computing and the Networked World (ICPCA/SWS 2013)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 8351))

  • 3036 Accesses

Abstract

By preventing attacks which exploit stack buffer overflow vulnerabilities, address space layout randomization is an effective way for embedded systems protection. However, ASLR will probably suffer exhaustive attacks because the pertinence is not strong. At present only coarse-grained randomization has been implemented because one of the key bottlenecks for fine-grained randomization is the dependencies between functions cannot be constructed completely due to indirect calls. As a result, we give a static inter-procedural backtracking recognition mechanism in this paper by using intermediate code analysis technologies to identify the destination addresses of indirect callings generated by function pointers.

This work is funded by the National Natural Science Foundation of China under Grant No. 61373010 and the National High Technology Research and Development Program of China under Grant No. 2011AA01A202.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ravi, S., Raghunathan, A., Kocher, P., et al.: Security in embedded systems: Design challenges. ACM Transactions on Embedded Computing Systems (TECS) 3(3), 461–491 (2004)

    Article  Google Scholar 

  2. Hsieh, G., Meeks, R., Marvel, L.: Supporting Secure Embedded Access Control Policy with XACML+ XML Security. In: 2010 5th International Conference on Future Information Technology (FutureTech), pp. 1–6. IEEE (2010)

    Google Scholar 

  3. Cowan, C., Pu, C., Maier, D., et al.: StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th USENIX Security Symposium, vol. 81, pp. 346–355 (1998)

    Google Scholar 

  4. Cowan, C., Barringer, M., Beattie, S., et al.: FormatGuard: Automatic protection from printf format string vulnerabilities. In: Proceedings of the 10th USENIX Security Symposium, vol. 3 (2001)

    Google Scholar 

  5. Solar Designer. StackPatch, http://www.opwnwall.com/linux

  6. Bhatkar, S., DuVarney, D.C., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium, vol. 120 (2003)

    Google Scholar 

  7. Kil, C., Jun, J., Bookholt, C., et al.: Address space layout permutation (aslp): Towards fine-grained randomization of commodity software. In: 22nd Annual on Computer Security Applications Conference, ACSAC 2006, pp. 339–348. IEEE (2006)

    Google Scholar 

  8. Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552–561. ACM (2007)

    Google Scholar 

  9. Jackson, T., Salamat, B., Wagner, G., et al.: On the effectiveness of multi-variant program execution for vulnerability detection and prevention. In: Proceedings of the 6th International Workshop on Security Measurements and Metrics, vol. 7. ACM (2010)

    Google Scholar 

  10. Shacham, H., Page, M., Pfaff, B., et al.: On the effectiveness of address space randomization. In: ACM conference on Computer and Communication s Security (CCS), Washington, DC, pp. 298–307 (2004)

    Google Scholar 

  11. Durden, T.: Bypassing pax aslr protection. Phrack Magazine 59(9), 9–9 (2002)

    Google Scholar 

  12. Wang, Z., Cheng, R., Gao, D.: Revisiting address space randomization. Information Security and Cryptology-ICISC 2011, 207–221 (2010)

    Google Scholar 

  13. Van Emmerik, M.J.: Static single assignment for decompilation. The University of Queensland (2007)

    Google Scholar 

  14. Appel, A.W.: Modern compiler implementation in Java. Cambridge University Press (1998)

    Google Scholar 

  15. Lang, B., Zhao, N., Ge, K., et al.: An XACML policy generating method based on policy view. In: Third International Conference on Pervasive Computing and Applications, ICPCA 2008, vol. 1, pp. 295–301. IEEE (2008)

    Google Scholar 

  16. Cytron, R., Ferrante, J., Rosen, B.K., et al.: Efficiently computing static single assignment form and the control dependence graph. ACM Transactions on Programming Languages and Systems (TOPLAS) 13(4), 451–490 (1991)

    Article  Google Scholar 

  17. Cifuentes, C., Simon, D.: Procedure abstraction recovery from binary code. In: Proceedings of the Fourth European Software Maintenance and Reengineering, pp. 55–64. IEEE (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Software Institute, Nanjing University, 210093, Nanjing, China

    Shixiang Gao, Tao Zheng & Xun Zhan

  2. National Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, China

    Tao Zheng, Xianping Tao, Junyuan Xie & Wenyang Bai

  3. School of Computer Science & Technology, Soochow University, 215006, Suzhou, China

    Qiaoming Zhu

Authors
  1. Shixiang Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tao Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xun Zhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xianping Tao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Qiaoming Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Junyuan Xie
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Wenyang Bai
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Logistics Engineering, Wuhan University of Technology, 430063, Wuhan, Hubei, China

    Qiaohong Zu

  2. Facultad de Ingenieria y Ciencias Universidad Adolfo Ibanez, Vina del Mar, Chile

    Maria Vargas-Vera

  3. Fujitsu, Hayes, Middlesex, UK

    Bo Hu

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Gao, S. et al. (2014). A Static Recognition Mechanism for Indirect Call Based on Static Single Assignment. In: Zu, Q., Vargas-Vera, M., Hu, B. (eds) Pervasive Computing and the Networked World. ICPCA/SWS 2013. Lecture Notes in Computer Science, vol 8351. Springer, Cham. https://doi.org/10.1007/978-3-319-09265-2_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-09265-2_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-09264-5

  • Online ISBN: 978-3-319-09265-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation