Code Pointer Integrity

Motivation

Control-flow integrity (CFI) [1] [2] [3] [4] [5] restricts indirect control transfers to a precomputed set of allowed targets, but its practical, coarse-grained variants have been shown to be bypassable [6] [7] [8].

More

  • Code-Pointer Integrity

    Goal: guarantee the integrity of all code pointers in a program (e.g. function pointers and saved return addresses), and thereby prevent all control-flow hijack attacks, including return-oriented programming.

    Challenges: it is hard to make low-level languages (C/C++) safe while preserving their benefits, including performance and flexible programming patterns. Existing hardening is bypassed: data execution prevention (DEP) is defeated by return-to-libc attacks [^c37] and by ROP [^c44] [^c8], which allows Turing-complete computation from code already present in the process; address space layout randomization (ASLR) is defeated by pointer leaks, side-channel attacks [^c22], and just-in-time code-reuse attacks [^c45].
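The attack class CPI is meant to stop, and the core idea of keeping code pointers out of attacker-reachable memory, as an added C example. This is not code from this page or from the CPI paper's implementation; `dispatch_vulnerable`, `dispatch_cpi`, `safe_region`, `build_payload` and the slot-handle scheme are hypothetical, simplified stand-ins for CPI's address-keyed, hardware-protected safe region.

```c
/*
 * Added example, not from the page or from the CPI paper's implementation.
 * (1) dispatch_vulnerable: a code pointer (r.cb) sits directly behind an
 *     unchecked buffer; overflowing the buffer with a leaked function address
 *     hijacks the indirect call. No injected code is needed, so DEP does not
 *     help, and the leaked address is exactly what defeats ASLR.
 * (2) dispatch_cpi: a simplified CPI-style layout. The code pointer never lives
 *     in the overflowable object; it lives in a separate safe region the
 *     overflow cannot reach, and the object only carries a handle that is
 *     validated before the call. Real CPI keys the safe region by the pointer's
 *     address and protects it with hardware or instrumentation; the slot table
 *     here is a hypothetical stand-in.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef int (*handler_t)(void);

static int benign(void)   { return 1; }      /* the intended target */
static int hijacked(void) { return 0xbad; }  /* stands in for an attacker-chosen target, e.g. system() or a ROP gadget */

/* Vulnerable layout: code pointer adjacent to attacker-controlled data. */
struct request {
    char      name[16];
    handler_t cb;
};

int dispatch_vulnerable(const unsigned char *input, size_t len) {
    volatile struct request r;        /* volatile: force real stores and a real reload of cb */
    r.cb = benign;
    volatile unsigned char *dst = (volatile unsigned char *)r.name;
    /* Bounded by the whole struct, not by name[]: bytes 16.. land on cb.
     * (Capped at sizeof r only to keep the example deterministic.) */
    for (size_t i = 0; i < len && i < sizeof r; i++)
        dst[i] = input[i];
    return r.cb();                    /* indirect call through the corrupted code pointer */
}

/* CPI-style layout: code pointers live only in the safe region. */
#define SAFE_SLOTS 2
static handler_t safe_region[SAFE_SLOTS] = { benign, benign };  /* written only by the program itself */

struct request_cpi {
    char     name[16];
    uint32_t slot;                    /* opaque handle, not a code pointer */
};

int dispatch_cpi(const unsigned char *input, size_t len) {
    volatile struct request_cpi r;
    r.slot = 0;
    volatile unsigned char *dst = (volatile unsigned char *)r.name;
    for (size_t i = 0; i < len && i < sizeof r; i++)   /* same overflow as above */
        dst[i] = input[i];
    uint32_t slot = r.slot;
    if (slot >= SAFE_SLOTS)           /* corrupted handle: fail closed instead of calling */
        return -1;
    return safe_region[slot]();       /* only a pointer the program stored is ever called */
}

/* Build the attacker's input: fill name[], then place a (leaked) function address on cb. */
size_t build_payload(unsigned char *out, size_t cap, handler_t target) {
    size_t need = offsetof(struct request, cb) + sizeof target;
    if (cap < need) return 0;
    memset(out, 'A', offsetof(struct request, cb));
    memcpy(out + offsetof(struct request, cb), &target, sizeof target);
    return need;
}

int main(void) {
    unsigned char payload[sizeof(struct request)];
    size_t n = build_payload(payload, sizeof payload, hijacked);
    printf("vulnerable: %#x (0xbad means control flow was hijacked)\n", dispatch_vulnerable(payload, n));
    printf("cpi-style:  %d (-1 means the corrupted handle was refused)\n", dispatch_cpi(payload, n));
    return 0;
}
```

The vulnerable path returns the attacker's value even though no code was injected and nothing executable was written, which is why DEP alone does not help; the attacker only needed the address of an existing function, which a pointer leak provides despite ASLR. In the CPI-style path the same overflow can at most scramble the handle: an out-of-range handle is refused, and an in-range one still only reaches a target the program itself placed in the safe region.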


  1. M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti. Control-flow integrity. In ACM Conf. on Computer and Communications Security, 2005. ↩
  2. J. Li, Z. Wang, T. K. Bletsch, D. Srinivasan, M. C. Grace, and X. Jiang. Comprehensive and efficient protection of kernel control data. IEEE Transactions on Information Forensics and Security, 6(4):1404–1417, Dec. 2011. ↩
  3. C. Zhang, T. Wei, Z. Chen, L. Duan, L. Szekeres, S. McCamant, D. Song, and W. Zou. Practical control flow integrity & randomization for binary executables. In IEEE Symp. on Security and Privacy, 2013. ↩
  4. M. Zhang and R. Sekar. Control flow integrity for COTS binaries. In USENIX Security Symposium, 2013. ↩
  5. B. Niu and G. Tan. Modular control-flow integrity. In ACM Conf. on Programming Language Design and Implementation, 2014. ↩
  6. E. Göktaş, E. Athanasopoulos, H. Bos, and G. Portokalidis. Out of control: Overcoming control-flow integrity. In IEEE Symp. on Security and Privacy, 2014. ↩
  7. L. Davi, A.-R. Sadeghi, D. Lehmann, and F. Monrose. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In USENIX Security Symposium, 2014. ↩
  8. N. Carlini and D. Wagner. ROP is still dangerous: Breaking modern defenses. In USENIX Security Symposium, 2014. ↩
Created Oct 11, 2020 // Last Updated Aug 7, 2021
