Control-Flow Integrity: Attacks and Protections
| Field | Value |
|---|---|
| Author | Ismael Ripoll, Sarwar Sayeed, Hector Marco-Gisbert, Miriam Birch |
| Language | English |
| Year of publication | 2019 |
| Subject | Computer science; memory corruption security; exploitation; computer security; computer.software_genre; lcsh:Technology; lcsh:Chemistry; 03 medical and health sciences; 0302 clinical medicine; CFI protections; code (cryptography); overhead (computing); General Materials Science; memory errors; lcsh:QH301-705.5; instrumentation; replay attack; 030304 developmental biology; Fluid Flow and Transfer Processes; 0303 health sciences; lcsh:T; Process Chemistry and Technology; code reuse; indirect branch; CFI attacks; General Engineering; lcsh:QC1-999; Computer Science Applications; ARQUITECTURA Y TECNOLOGIA DE COMPUTADORES; 08. Promote sustained, inclusive and sustainable economic growth, full and productive employment and decent work for all; lcsh:Biology (General); lcsh:QD1-999; lcsh:TA1-2040; 030220 oncology & carcinogenesis; pointer (computer programming); security; lcsh:Engineering (General). Civil engineering (General); computer; lcsh:Physics; exploitation |
| Source | Applied Sciences, Vol. 9, Iss. 20, p. 4229 (2019); RiuNet, Repositorio Institucional de la Universitat Politécnica de Valéncia |
| Description | Despite the intense efforts to prevent programmers from writing code with memory errors, memory corruption vulnerabilities are still a major security threat. Consequently, control-flow integrity has received significant attention from the research community and from software developers as a way to combat control-code execution attacks in the presence of this type of fault. Control-flow Integrity (CFI) is a large family of techniques that aims to eradicate memory error exploitation by ensuring that the instruction pointer (IP) of a running process cannot be controlled by a malicious attacker. In this paper, we assess the effectiveness of 14 CFI techniques against the most popular exploitation techniques, including code reuse attacks, return-to-user, return-to-libc, and replay attacks. We also classify these techniques based on their security, robustness, and implementation complexity. Our study indicates that the majority of the CFI techniques are primarily focused on restricting indirect branch instructions and cannot prevent all forms of vulnerability exploitation. We conclude that the performance overhead introduced, jointly with the partial attack coverage, is discouraging the industry from adopting most of them. |
| Database | OpenAIRE |
| External link | |