Skip to main content
SpringerLink
Log in

Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity

  • Book
  • © 2021

Overview

Authors:
  1. Yan Lin

    1. School of Computing and Information Systems, Singapore Management University, Singapore, Singapore

    View author publications

    You can also search for this author in PubMed   Google Scholar

  • Provides deep understanding of Control-Flow Integrity
  • Offers new insights on the relationship between function signature and compiler optimization
  • Demonstrates how CFI can be more efficient than Data Execution Prevention

Part of the book series: Information Security and Cryptography (ISC)

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (6 chapters)

  1. Front Matter

    Pages i-xiii
    Download chapter PDF

  2. Introduction

    • Yan Lin
    Pages 1-6

  3. Literature Review

    • Yan Lin
    Pages 7-16

  4. When Function Signature Recovery Meets Compiler Optimization

    • Yan Lin
    Pages 17-52

  5. Control-Flow Carrying Code

    • Yan Lin
    Pages 53-76

  6. Control-Flow Integrity Enforcement with Dynamic Code Optimization

    • Yan Lin
    Pages 77-94

  7. Conclusions

    • Yan Lin
    Pages 95-95
Back to top

Keywords

About this book

There are three fundamental components in Control-Flow Integrity (CFI) enforcement. The first component is accurately recovering the policy (CFG). Usually, the more precise the policy is, the more security CFI improves, but precise CFG generation was considered hard without the support of source code. The second component is embedding the CFI policy securely. Current CFI enforcement usually inserts checks before indirect branches to consult a read-only table which stores the valid CFG information. However, this kind of read-only table can be overwritten by some kinds of attacks (e.g., the Rowhammer attack and data-oriented programming). The third component is to efficiently enforce the CFI policy. In current approaches CFI checks are always executed whenever there is an indirect control flow transfer. Therefore, it is critical to minimize the performance impact of CFI  checks.

In this book, we propose novel solutions to handle these three fundamental components.To generate a precise CFI policy without the support of the source code, we systematically study two methods which recover CFI policy based on function signature matching at the binary level and propose our novel rule- and heuristic-based mechanism to more accurately recover function signature. To embed CFI policy securely, we design a novel platform which encodes the policy into the machine instructions directly without relying on consulting any read-only data structure, by making use of the idea of instruction-set randomization. Each basic block is encrypted with a key derived from the CFG. To efficiently enforce CFI policy, we make use of a mature dynamic code optimization platform called DynamoRIO to enforce the policy so that we are only required to do the CFI check when needed.

Authors and Affiliations

  • School of Computing and Information Systems, Singapore Management University, Singapore, Singapore

    Yan Lin

About the author

Yan Lin is at the School of Computing and Information Systems, Singapore Management University. Her extensive studies have focused on the area of cybersecurity, and her current researches focus on software security and system security. 

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation