Getting in control of your control flow with control-data isolation

Proceedings of the 2015 IEEE/ACM International Symposium on Code Generation and Optimization, CGO 2015

Volumn , Issue , 2015, Pages 79-90

  Arthur, William ^a   Mehne, Ben ^b   Das, Reetuparna ^a   Austin, Todd ^a  

^a UNIVERSITY OF MICHIGAN   (United States)

^b UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

BENCHMARKING; SECURITY OF DATA;

CONTROL FLOWS; CONTROL-FLOW STRUCTURES; EDGE CHECKING; INFORMATION AGE; PROGRAM CONTROL; PROGRAM COUNTERS; SECURE COMPUTATION; SOFTWARE ATTACKS;

POLLUTION CONTROL;

EID: 84961288130     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CGO.2015.7054189     Document Type: Conference Paper

References (35)

1. M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti, Control Flow Integrity, ACM Trans. Inf. Syst. Secur., 2009, pp. 1-40.
2. K. Anand et al., A compiler-level intermediate representation based binary analysis and rewriting system, Proc. of the 8th ACM European Conf. on Computer Systems, 2013, pp. 295-308.
3. D. Bacon and P. Sweeny, Fast Static Analysis of C++ Virtual function Calls, Proc. of theConf. on Object-Oriented Programming, Systems, Languages, an Applications, 1996, pp. 324-341.
4. A. R. Bernat and B. P. Miller, Anywhere, any-time binary instrumentation, Proceedings of the 10th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools, 2011, pp. 9-16.
5. A.R. Bernat and B.P. Miller, Structured Binary Editing with a CFG Transformation Algebra, 19th Working Conference on Reverse Engineering (WCRE), 2012, pp. 9-18.
6. T. Bletsch, X. Jiang, and V. Freeh, Mitigating code-reuse attacks with control-flow locking, Proc. of the 27th Annual Comp. Sec. App. Conf., 2011, pp. 353-362.
7. M., Erlingsson, U. Budiu and M. Abadi, Architectural support for software-based protection, Proceedings of the 1st workshop on Architectural and system support for improving software dependability, 2006, pp. 42-51.
8. c0ntext. (2012, April) Bypassing non-executable stack during exploitation using return-to-libc. [Online]. http://css.csail.mit.edu/6.858/2012/readings/return-to-libc.pdf
9. c0ntext. (2011) How to Hijack the Global Offset Table with pointers. [Online]. http://www.exploit-db.com/papers/13203/
10. C. Cowan, S. Beattie, J. Johansen, and P. Wagle, Point-Guard: Protecting pointers from buffer overflow vulnerabilities, 12th USENIX Security Symposium, 2003.
11. L. Garber, Melissa Virus Creates a New Type of Threat, Computer, vol. 32, no. 6, pp. 16-19, 1999.
12. Gartner. (2013) Gartner. [Online]. http://www.gartner.com/technology/home.jsp
13. J.L. Greathouse et al., Testudo: Heavyweight security analysis via statistical sampling, 41st IEEE/ACM International Symposium on Microarchitecture, 2008, pp. 117-128.
14. K. Ishizaki, M. Kawahito, T. Yasue, H. Komatsu, and T. Nakatani, A Study of Devirtualization TEchniques for a Java Just-In-Time Compiler, Proc. of theConf. on Object-Oriented Programming, Systems, Languages, an Applications, 2000, pp. 294-310.
15. Kaspersky. (2013) Computer Threats. [Online]. http://www.kaspersky.com/threats
16. H. Kim et al., VPC prediction: reducing the cost of indirect branches via hardware-based dynamic devirtualization, Proceed. of the Interntl. Symp. on Computer Architecture, 2007, pp. 424-435.
17. V. Kiriansky, D. Bruening, and S. Amarasinghe, Secure execution via program shepherding, Proc. of the USENIX Security Symp., 2002.
18. B. Kuhn and D. Binkley, An enabling optimization for C++ virtual functions, Proceedings of the 1996 ACM symposium on Applied Computing, 1996, pp. 420-428.
19. C. Lattner and V. Adve, LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation, Proc. of the Intl. Symp. on Code Generation and Optimization (CGO), 2004.
20. (2014, February) musl-libc. [Online]. http://www.musl-libc.org/
21. K. Onarlioglu, L. Bilge, A. Lanzi, D. Balzarotti, and E. Kirda, G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries, Proc. of the Annual Computer Security App. Conf., 2010, pp. 49-58.
22. Jr., N. Petroni and M. Hicks, Automated detection of persistent kernel control-flow attacks, Proceedings of the 14th ACM conference on Computer and communications security, 2007, pp. 103-115.
23. J. Pewny and T. Holz, Control-Flow Restrictor: Compiler-based CFI for iOS, Proc. of the Annual Comp. Security App. Conf., 2013, pp. 309-318.
24. M. Prasad and T. Chiueh, A binary rewriting defense against stack based buffer overflow attacks, Proc. of Usenix Tech. Conf., 2003, pp. 211-224.
25. M. Ramilli. (2011, November) Global Offset Table Injection Procedure. [Online]. http://marcoramilli.blogspot.com/2011/11/global-offset-table-injection-procedure.html
26. Y. Shi, S. Dempsey, and G. Lee, Architectural Support for Run-Time Validation of Control Flow Transfer, International Conference on Computer Design (ICCD), 2006, pp. 506-513.
27. Y. Shi and G. Lee, Augmenting Branch Predictor to Secure Program Execution, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN, 2007, pp. 10-19.
28. H. Theiling, Extracting safe and precise control flow from binaries, Proceedings. Seventh International Conference on Real-Time Computing Systems and Applications, 2000, pp. 23-30.
29. C. Tice et al., Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM, 23rd USENIX Security Symposium, 2014.
30. Y. Xia, Y. Liu, H. Chen, and B. Zang, CFIMon: Detecting violation of control flow integrity using performance counters, 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2012, pp. 1-12.
31. L. Xu, F. Sun, and Z. Su, Constructing precise control flow graphs from binaries, University of California, Davis, Tech. Rep. 2009.
32. C. Young, N. Gloy, and M. Smith, A comparative analysis of schemes for correlated branch prediction, Proceedings of the Iinternational Symp. on Computer Architecture, 1995, pp. 276-286.
33. M. Zhang and R. Sekar, Control Flow Integrity for COTS Binaries, USENIX Security Symposium, 2013, pp. 337-352.
34. C. Zhang et al., Practical Control Flow Integrity and Randomization for Binary Executables, IEEE Symposium on Security and Privacy (S&P), 2013, pp. 559-573.
35. T. Zimmermann and S. Neuhaus, Security Trend Analysis sith CVE Topic Models, International Symposium on Software Reliability Engineering (ISSRE), 2010, pp. 111-120.