Abstract

Code injection attacks are a major security threat to applications, especially web applications. This type of attack stems either from the attacker's ability to use a vulnerability or backdoor in the application to inject a malicious program into the server and execute it, or from the application's failure to verify and filter user input parameters, which results in the input being executed as a malicious program to achieve the attacker's aims. Existing defense methods, such as source program analysis and input rule matching, have inherent defects in the face of code injection attacks. To improve the defense of web applications against code injection attacks, a defense method based on instruction set randomization is proposed. The method does not depend on the attack technique used by the attacker and can resist unknown code injection attacks. On top of this technique, the concept of dynamic transformation is introduced to improve the defensive capability: even if the attacker obtains the randomization method, it is difficult to break through the system. Although the method requires a randomized transformation of the application source code, the process is completely automated. Experiments show that the method can effectively resist code injection attacks and achieve active defense against attacks.
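
A minimal sketch of the idea in the abstract, added here and not taken from the paper: keyword-level randomization of a toy query language, with "dynamic transformation" modelled as re-keying. The keyword set, the template, the 12-digit tag format and all function names are assumptions, since the abstract gives no implementation details.

```python
import re
import secrets

# Toy query language and trusted template, both constructed for this example.
KEYWORDS = ("SELECT", "FROM", "WHERE", "AND", "OR", "UNION", "DROP")
# Quoted literals are matched first, so words inside data are never treated as code.
TOKEN_RE = re.compile(
    r"'(?:[^']|'')*'|\b(" + "|".join(KEYWORDS) + r")([0-9]*)\b", re.IGNORECASE)
TEMPLATE = "SELECT id FROM users WHERE name = '{}'"


class InjectionDetected(Exception):
    """Raised when a keyword does not carry the current random tag."""


def new_key():
    """Fresh 12-digit tag from the OS CSPRNG."""
    return "".join(secrets.choice("0123456789") for _ in range(12))


def randomize(source, key):
    """Automated transformation of trusted source: tag every keyword."""
    def tag(m):
        return m.group(0) if m.group(1) is None else m.group(1).upper() + key
    return TOKEN_RE.sub(tag, source)


def derandomize(code, key):
    """Run-time check: strip valid tags, reject any keyword without one."""
    def untag(m):
        if m.group(1) is None:          # string literal: data, leave as is
            return m.group(0)
        if m.group(2) != key:           # injected code cannot know the tag
            raise InjectionDetected(m.group(0))
        return m.group(1).upper()
    return TOKEN_RE.sub(untag, code)


def rekey(code, old_key, fresh_key):
    """Dynamic transformation, modelled as re-tagging under a new key."""
    return randomize(derandomize(code, old_key), fresh_key)


def run_query(randomized_template, user_input, key):
    """Splice untrusted input into the tagged template, then validate it."""
    return derandomize(randomized_template.format(user_input), key)
```

Input that stays inside the string literal passes unchanged, while any keyword arriving without the current tag is rejected regardless of the payload's form; re-keying invalidates a tag that has leaked.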
