Control-flow integrity: attacks and protections

Research output: Contribution to journal › Special issue


Abstract

Despite the intense efforts to prevent programmers from writing code with memory errors, memory corruption vulnerabilities are still a major security threat. Consequently, control-flow integrity has received significant attention in the research community and from software developers as a means of combating control code execution attacks in the presence of this type of fault. Control-flow Integrity (CFI) is a large family of techniques that aims to eradicate memory error exploitation by ensuring that the instruction pointer (IP) of a running process cannot be controlled by a malicious attacker. In this paper, we assess the effectiveness of 14 CFI techniques against the most popular exploitation techniques, including code reuse attacks, return-to-user, return-to-libc, and replay attacks. We also classify these techniques based on their security, robustness, and implementation complexity. Our study indicates that the majority of the CFI techniques are primarily focused on restricting indirect branch instructions and cannot prevent all forms of vulnerability exploitation. We conclude that the performance overhead introduced, jointly with the partial attack coverage, is discouraging the industry from adopting most of them.
Original language: English
Article number: 4229
Number of pages: 22
Journal: Applied Sciences
Volume: 9
Issue number: 20
DOIs: 10.3390/app9204229
Publication status: Published - 10 Oct 2019


Keywords

  • CFI protections
  • CFI attacks
  • Memory errors
  • Security
  • Exploitation

Cite this

@article{7d46ac1ab9624eb79a3d87d3b07b113a,
title = "Control-flow integrity: attacks and protections",
keywords = "CFI protections, CFI attacks, Memory errors, Security, Exploitation",
author = "Sarwar Sayeed and Hector Marco-Gisbert and Ismael Ripoll and Miriam Birch",
year = "2019",
month = "10",
day = "10",
doi = "10.3390/app9204229",
language = "English",
volume = "9",
journal = "Applied Sciences",
issn = "2076-3417",
publisher = "Multidisciplinary Digital Publishing Institute",
number = "20"
}

Control-flow integrity: attacks and protections. / Sayeed, Sarwar; Marco-Gisbert, Hector; Ripoll, Ismael; Birch, Miriam.

In: Applied Sciences, Vol. 9, No. 20, 4229, 10.10.2019.

TY  - JOUR
T1  - Control-flow integrity
T2  - attacks and protections
AU  - Sayeed, Sarwar
AU  - Marco-Gisbert, Hector
AU  - Ripoll, Ismael
AU  - Birch, Miriam
PY  - 2019/10/10
Y1  - 2019/10/10

KW  - CFI protections
KW  - CFI attacks
KW  - Memory errors
KW  - Security
KW  - Exploitation
U2  - 10.3390/app9204229
DO  - 10.3390/app9204229
M3  - Special issue
VL  - 9
JO  - Applied Sciences
JF  - Applied Sciences
SN  - 2076-3417
IS  - 20
M1  - 4229
ER  -