ROP (Return-Oriented Program) protection method based on attack tree

Bibliographic details
Main authors: Liu Fangyuan, Zhou Xiang, Tang Zhanyong, Li Zhengqiao, Chen Xiaojiang, Zhang Heng, Fang Dingyi, Lyu Liudong, Gong Xiaoqing, Chen Feng
Format: Patent
Language: Chinese; English
Description
Summary: The invention discloses an ROP (Return-Oriented Program) protection method based on an attack tree and belongs to the field of computer software security. The ROP protection method comprises the following steps: extracting gadget instruction segments from a program to be protected and a system library file; determining the type of each extracted gadget instruction segment, and selecting a plurality of sensitive system functions; carrying out attack modeling with the extracted gadget instruction segments by constructing the attack tree, and analyzing all attack methods to obtain the key gadgets; finally, protecting the key gadgets. Protecting the program by means of attack modeling makes it more difficult for an attacker to hijack the control flow and improves protection efficiency, so that the program's control flow is ultimately safer.