Control-Flow Integrity: Attacks and Protections

Author: Ismael Ripoll, Sarwar Sayeed, Hector Marco-Gisbert, Miriam Birch
Language: English
Year of publication: 2019
Subject:
Computer science
Memory corruption
security
Exploitation
Computer security
computer.software_genre
lcsh:Technology
lcsh:Chemistry
03 medical and health sciences
0302 clinical medicine
CFI protections
Code (cryptography)
Overhead (computing)
General Materials Science
memory errors
Memory errors
lcsh:QH301-705.5
Instrumentation
Replay attack
030304 developmental biology
Fluid Flow and Transfer Processes
0303 health sciences
lcsh:T
Process Chemistry and Technology
Code reuse
Indirect branch
CFI attacks
General Engineering
lcsh:QC1-999
Computer Science Applications
Computer Architecture and Technology
08. Promote sustained, inclusive and sustainable economic growth, full and productive employment and decent work for all
lcsh:Biology (General)
lcsh:QD1-999
lcsh:TA1-2040
030220 oncology & carcinogenesis
Pointer (computer programming)
Security
lcsh:Engineering (General). Civil engineering (General)
computer
lcsh:Physics
exploitation
Source: Applied Sciences, Vol 9, Iss 20, p 4229 (2019)
Applied Sciences
Volume 9
Issue 20
RiuNet. Repositorio Institucional de la Universitat Politécnica de Valéncia
Description: Despite the intense efforts to prevent programmers from writing code with memory errors, memory corruption vulnerabilities are still a major security threat. Consequently, control-flow integrity has received significant attention from the research community and from software developers as a way to combat control-code execution attacks in the presence of this type of fault. Control-flow Integrity (CFI) is a large family of techniques that aims to eradicate memory error exploitation by ensuring that the instruction pointer (IP) of a running process cannot be controlled by a malicious attacker. In this paper, we assess the effectiveness of 14 CFI techniques against the most popular exploitation techniques, including code reuse attacks, return-to-user, return-to-libc, and replay attacks. We also classify these techniques based on their security, robustness, and implementation complexity. Our study indicates that the majority of the CFI techniques are primarily focused on restricting indirect branch instructions and cannot prevent all forms of vulnerability exploitation. We conclude that the performance overhead introduced, jointly with the partial attack coverage, is discouraging the industry from adopting most of them.
Database: OpenAIRE