| Issue |
Security and Safety
Volume 4, 2025
|
|
|---|---|---|
| Article Number | 2024015 | |
| Number of page(s) | 19 | |
| Section | Other Fields | |
| DOI | https://doi.org/10.1051/sands/2024015 | |
| Published online | 30 January 2025 | |
Research Article
Key-area cyberspace mimic defense against data-oriented attacks
1
Institute of BigData, Fudan University, Shanghai, 200437, China
2
Purple Mountain Laboratories, Nanjing, 211111, China
3
School of Computer Science, Fudan University, Shanghai, 200433, China
* Corresponding authors (email: pchen@fudan.edu.cn)
Received:
7
May
2024
Revised:
20
August
2024
Accepted:
15
October
2024
As modern systems widely deploy protective measures for control data in memory, such as Control-Flow Integrity (CFI), attackers’ ability to manipulate control data is greatly restricted. Consequently, attackers are turning to opportunities to manipulate non-control data in memory (known as Data-Oriented Attacks, or DOAs), which have been proven to pose significant security threats to memory. However, existing techniques to mitigate DOAs often introduce significant overhead due to the indiscriminate protection of a large range of data objects. To address this challenge, this paper adopts a Cyberspace Mimic Defense (CMD) strategy, a generic framework for addressing endogenous security vulnerabilities, to prevent attackers from executing DOAs using known or unknown security flaws. Specifically, we introduce a formalized expression algorithm that assesses whether DOA attackers can construct inputs to exploit vulnerability points. Building on this, we devise a key-area CMD strategy that modifies the coded pathway from input to the vulnerability point, thereby effectively thwarting the activation of the vulnerability. Finally, our experiments on real-world applications and simulation demonstrate that the key-area CMD strategy can effectively prevent DOAs by selectively diversifying parts of the program code.
Key words: Cyberspace mimic defense / Data-oriented attacks / Large language model
Citation: Chen P, Wei J, Yu Z and and Chen J. Key-area cyberspace mimic defense against data-oriented attacks. Security and Safety 2025; 4: 2024015. https://doi.org/10.1051/sands/2024015
© The Author(s) 2025. Published by EDP Sciences and China Science Publishing & Media Ltd.
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.