uCFI
References:
UCT: Unique Code Target
ICT: Indirect Control-flow Transfer
Key: collecting the necessary runtime information and using it to augment the points-to analysis on control data.
Constraining data: the data that helps to determine the target of an indirect call.
- How to identify the constraining data?
- How to collect this data efficiently?
- How to perform the points-to analysis efficiently and accurately?
Identify constraining data
- Static data-flow analysis to accurately identify constraining data from the program source code.
- Starts from code pointers
- Recursively identifies variables that are involved in calculating known constraining data.
Collect constraining data
- A novel arbitrary data collection technique to record all constraining data as indirect control-flow transfers, and rely on a hardware feature for efficient recording.
- A monitor runs in parallel with the program execution.
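Added example, not code from the uCFI paper or its implementation: a toy model of both halves of the idea. A constructed mini-IR stands in for the program; the static half walks backward from the code pointer to collect the constraining variables, and the monitor half replays that slice with the recorded runtime values to compute the unique target and accept only an ICT that lands there. The IR shape, TABLE and the trace format are assumptions made for the example.

```python
from collections import deque

# Constructed mini-IR for one function: (dest, sources, how_to_compute).
# Leaves such as "input" have no definition here, so only the running
# program knows their value; those are what the instrumentation records.
TABLE = ["h0", "h1", "h2", "h3"]                   # constructed dispatch table
PROGRAM = [
    ("idx", ["input"],     lambda inp: inp * 2),
    ("i2",  ["idx"],       lambda idx: idx & 3),
    ("fp",  ["i2"],        lambda i2: TABLE[i2]),  # the code pointer
    ("x",   ["unrelated"], lambda u: u + 1),       # not involved in any ICT
]
CODE_POINTERS = {"fp"}

def constraining_data(program, code_pointers):
    """Static half: backward worklist from the code pointers; every variable
    used to compute a known constraining value is itself constraining."""
    defs = {dest: srcs for dest, srcs, _ in program}
    found, work = set(), deque(code_pointers)
    while work:
        v = work.popleft()
        for src in defs.get(v, []):
            if src not in found:
                found.add(src)
                work.append(src)
    return found

def leaves(program, constraining):
    """Constraining variables with no definition: the runtime must record these."""
    defined = {dest for dest, _, _ in program}
    return {v for v in constraining if v not in defined}

def monitor(program, trace):
    """Runtime half: replay the slice with the recorded leaf values and accept
    an ICT only when its observed target equals the unique computed target.
    trace events: ("data", var, value) or ("ict", code_pointer, target)."""
    defs = {dest: (srcs, fn) for dest, srcs, fn in program}
    env = {}
    def value(v):                 # evaluate v from recorded leaves, memoised
        if v not in env:
            srcs, fn = defs[v]
            env[v] = fn(*[value(s) for s in srcs])
        return env[v]
    for kind, name, val in trace:
        if kind == "data":
            env[name] = val       # recorded constraining datum
        elif kind == "ict" and value(name) != val:
            return False          # observed target is not the unique one
    return True
```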
Algorithms
More