Code-reuse attacks have become a common attack method, in which attackers use code already present in the program to hijack its control flow. Most existing defenses focus on control flow integrity (CFI), code randomization, and software debloating. However, most of the fine-grained schemes that provide strong security incur significant performance overhead, while approaches that only reduce the attack surface, such as software debloating, cannot completely defend against code-reuse attacks. In this paper, from the perspective of shrinking the code space available at runtime, we propose LoadLord, which dynamically loads functions and promptly unloads them while the program is running in order to defend against code-reuse attacks. LoadLord reduces the number of gadgets in memory, especially high-risk gadgets. Moreover, LoadLord ensures the control flow integrity of the loading process and breaks the conditions necessary to build a gadget chain. We implemented LoadLord on the Linux operating system and evaluated it with the loaded code limited to only 1/16 of the original functions. Under this limit, LoadLord defends against code-reuse attacks with an average runtime overhead of 1.7% on SPEC CPU 2006, while reducing the number of gadgets by 94.02%.