内存数据被污染往往是软件攻击的核心原因。现有研究已经提出了大量用于防御控制流攻击的措施。但是，目前还没有针对非控制流攻击的有效防御机制，其主要原因在于：现有的方法性能开销巨大、兼容性不足、以及防御效果不佳。为了减少内存数据污染攻击的危害，现代应用程序设计通常遵循多进程模型，将程序分割到不同的进程中，因此一个进程中的内存错误不会直接影响其他进程。但目前缺乏一种自动化的方法来分割传统COTS应用程序。本研究就实现基于语义的二进制程序自动分割机制的几个核心问题，包括针对敏感数据及其上下文信息的自动推理技术，基于上下文信息的程序自动分割技术，二进制程序分析和重写技术展开研究。本项目为防御内存数据污染攻击，尤其是非控制流攻击提供了一种新思路。

Memory corruption vulnerabilities are the root cause of many modern attacks. Numerous defenses have mainly focused on mitigating control-data attacks, leaving modern systems and programs vulnerable to non-control-flow attacks. The main drawbacks of existing non-control-flow attacks are in three aspects: overhead, compatibility, and soundness. To mitigate potential risk of these attacks, modern applications such as Chrome browser are designed to follow a multi-process model to quarantine programs into different processes, so that memory errors in one process do not directly affect other processes. However, there are no automated solutions to partition legacy COTS programs. This project will investigate some key technologies including the inference of data secrecy and their context and automated binary program partitioning approaches based on binary program analysis and rewriting. This project aims to provide a new solution to defend against memory corruption attacks, especially against non-control-flow attacks.