Zhaohui Liang

Work place: School of information Renmin University of China, Key Laboratory of Data Engineering and Knowledge Engineering (Renmin University of China)

E-mail: lzh@ruc.edu.cn

Website:

Research Interests: Computer systems and computational processes, Computer Architecture and Organization, Information Security, Network Security, Data Structures and Algorithms, Information-Theoretic Security

Biography

Zhaohui Liang was born in P.R. China in 1968, earned B.S. degree in the field of communication engineering in 1989 and M.S. degree in the field of pattern recognition and artificial intelligence in 1992 from Huazhong University of Science and Technology, Wuhan city, P.R.China, earned Ph.D. in the field of network communication in 2005 from Beijing University of Posts and Telecommunications, Beijing , P.R. China.
She is now a LECTURER at the school of information, Renmin University of China (RUC). Before joining RUC, she was a research engineer at Institute of Automation, Chinese Academy of Science for 6 years. Recently she has published 14 research papers and 2 books in the area of Computer Science and Communication.
At the present time, she takes part in many research projects in the area of information security supported by National Natural Science Foundation of China under Grant No.60703102 and No.60873213; the Beijing Science Foundation under Grant No.4082018; the National 863 High-tech Program of China under Grant No.2007AA01Z414 respectively. Her current research interests include information security and wireless communication.
Dr. Zhaohui Liang is a member of China Computer Federation.

Author Articles
A System Call Randomization Based Method for Countering Code-Injection Attacks

By Zhaohui Liang Bin Liang Lupin Li

DOI: https://doi.org/10.5815/ijitcs.2009.01.01, Pub. Date: 8 Oct. 2009

Code-injection attacks pose serious threat to today’s Internet. The existing code-injection attack defense methods have some deficiencies on performance overhead and effectiveness. To this end, we propose a method that uses system called randomization to counter code injection attacks based on instruction set randomization idea. System calls must be used when an injected code would perform its actions. By creating randomized system calls of the target process, an attacker who does not know the key to the randomization algorithm will inject code that isn’t randomized like as the target process and is invalid for the corresponding de-randomized module. The injected code would fail to execute without calling system calls correctly. Moreover, with extended complier, our method creates source code randomization during its compiling and implements binary executable files randomization by feature matching. Our experiments on built prototype show that our method can effectively counter variety code injection attacks with low-overhead.

[...] Read more.
Other Articles