Control-flow integrity: attacks and protections

Sarwar Sayeed, Hector Marco-Gisbert, Ismael Ripoll, Miriam Birch

    Research output: Contribution to journalSpecial issuepeer-review

    10 Citations (Scopus)
    159 Downloads (Pure)

    Abstract

    Despite the intense efforts to prevent programmers from writing code with memory errors, memory corruption vulnerabilities are still a major security threat. Consequently, control-flow integrity has received significant attention in the research community, and software developers to combat control code execution attacks in the presence of type of faults. Control-flow Integrity (CFI) is a large family of techniques that aims to eradicate memory error exploitation by ensuring that the instruction pointer (IP) of a running process cannot be controlled by a malicious attacker. In this paper, we assess the effectiveness of 14 CFI techniques against the most popular exploitation techniques, including code reuse attacks, return-to-user, return-to-libc, and replay attacks. We also classify these techniques based on their security, robustness, and implementation complexity. Our study indicates that the majority of the CFI techniques are primarily focused on restricting indirect branch instructions and cannot prevent all forms of vulnerability exploitation. We conclude that the performance overhead introduced, jointly with the partial attack coverage, is discouraging the industry from adopting most of them.
    Original languageEnglish
    Article number4229
    Number of pages22
    JournalApplied Sciences
    Volume9
    Issue number20
    DOIs
    Publication statusPublished - 10 Oct 2019

    Keywords

    • CFI protections
    • CFI attacks
    • Memory errors
    • Security
    • Exploitation

    Fingerprint

    Dive into the research topics of 'Control-flow integrity: attacks and protections'. Together they form a unique fingerprint.

    Cite this