具有錯誤忽略能力之輕量級緩衝溢位保護機制

Abstract

緩衝溢位漏洞一直是個相當重要之網路安全議題。過去以來，多數的防治機制大多著重在於攻擊的偵測方面。為了降低受到攻擊所造成的傷害，這些防治機制在偵測到攻擊時，便終止受到攻擊之程式或是在有需要的情形下，重新啟動該程式。然而在面對自動化的重複攻擊時，這樣的作法對於多數的網路伺服器而言，卻不是一個理想的解決方式，因為不斷地重新啟動程式將大幅降低程式所能提供的服務能力。近年來，部份研究著重在將程式從受到攻擊後的狀態中回復並繼續執行。雖然這些機制能夠使程式能在自動化的重複攻擊之下，還能保持一定的服務能力，但是也同時衝擊了程式在平時效能。 這此論文中，我們提出了一個輕量級的機制。在攻擊回復的方面，應用了錯誤忽略的概念。這個機制透過將原始碼做轉換，同時對程式應用了多個保護技術。經過轉換的程式，可利用輕量級的技術提拱整體性的保護，並利用在執行期所蒐集的資訊，以函式為單位，選擇性針對部份的程式使用較重量級的技術，加強弱點的防護。我們的實驗數據顯示，轉換過之Apache伺服器只造成了極小的效能負擔，卻能在面對自動化的重複攻擊時，維持60%到70%的服務能力。而未經保護之版本，在同樣的攻擊下，只能提供低於10%的服務能力。

Buffer overflow vulnerability is a severe security problem due to insufficient bound checking of programs. Most research efforts were put on the detection of the attacks. Many proposed techniques terminate the compromised process upon detecting an attack and restart a new instance if necessary. However, while facing automated and repetitive attacks, terminating the compromised instance and restart a new one is probably not a desired reaction for most network services since it degrades the service availability. In the recent years, more research efforts focused on preserving service availability under repetitive attacks. However, while preserving service availability, their mechanisms also have a substantial impact on the performance of protected programs. In this paper, we propose a lightweight mechanism which adopts the idea of failure-oblivious computing on recovering programs from buffer overflow attacks. The proposed mechanism automatically transforms a program to apply multiple protection techniques on the program in a function-by-function basis. The transformed program minimizes performance overhead by selectively enabling heavyweight protection for only a small set of functions according to the run-time information collected during its execution. Our experiment results indicate that all transformed programs have very low impact on performance. It also indicates that the transformed Apache server preserves from 60% to 70% of service availability while the unprotected version renders less than 10% of service.