由于C与C++等计算机程序中广泛存在的漏洞，攻击者可以读取或篡改内存中的数据，导致程序执行异常的行为和逻辑，对计算机系统的安全造成了严重威胁。内存数据包括控制相关数据和非控制相关数据。控制数据攻击如代码注入攻击、代码复用攻击等因成本较低得到广泛利用。为此研究人员提出了各种防御技术阻止此类攻击，但基于动态生成代码的JIT-ROP类攻击以及间接地址泄漏的防护相对薄弱。并且，随着控制数据攻击的难度越来越大，非控制数据攻击逐渐得到重视，特别是数据导向编程DOP的提出更是证明了非控制数据攻击的图灵完备，但是目前国内外缺乏对此类攻击的防御研究。因此，本课题根据攻击过程不同阶段的攻击目标开展JIT-ROP代码复用攻击、间接内存地址泄露和非控制数据攻击的防御技术研究。该课题的研究将有助于内存攻击威胁的缓解，提升我国计算机系统在网络空间安全博弈中的防御能力。

Due to the widespread existence of vulnerabilities in computer programs such as C and C++, attackers can read or tamper the data in memory based on these vulnerabilities, causing the program to perform abnormal behavior and logic, posing a serious threat to the security of computer systems. Memory data includes control-related data and non-control-related data. Control data attacks such as code injection attacks, code reuse attacks, are widely used due to lower costs. To this end, researchers have proposed various defense techniques to prevent such attacks, but the protection of the JIT-ROP attack based on dynamically generated code and indirect address disclosure are relatively weak. Moreover, with the increasing difficulty of control data attacks, non-control data attacks are valued gradually. In particular, the introduction of data-oriented programming DOP has proved the Turing complete properties of non-control data attacks. However, the published articles at home and abroad are lacking comprehensive study of the protection on such attacks. As a result, we propose this subject to conduct the research on memory attack protection. Our purpose is to defense JIT-ROP code reuse attacks, indirect memory address disclosure and non-control data attacks according the attack goal of different stages on the attack process. We believe that our work will help to alleviate the threat of memory attack and enhance the defense ability of our country's computer system in cyberspace security game.