Skip to main content

Research Repository

Advanced Search

On the Effectiveness of Control-Flow Integrity Against Modern Attack Techniques

Sayeed, Sarwar; Marco-Gisbert, Hector

Authors

Sarwar Sayeed

Hector Marco-Gisbert



Abstract

Memory error vulnerabilities are still widely exploited by attackers despite the various protections developed. Attackers have adopted new strategies to successfully exploit well-known memory errors bypassing mature protection techniques such us the NX, SSP, and ASLR. Those attacks compromise the execution flow to gain control over the target successfully.

Control-flow Integrity (CFI) is a protection technique that aims to eradicate memory error exploitation by ensuring that the instruction pointer (IP) of a running program cannot be controlled by a malicious attacker. In this paper, we assess the effectiveness of 14 CFI techniques against the most popular exploitation techniques including code reuse attacks, return-to-user, return-to-libc and replay attacks.

Surveys are conducted to classify those 14 CFI techniques based on the security robustness and implementation feasibility. Our study indicates that the majority of the CFI techniques are primarily focused on restricting indirect branch instructions and cannot prevent all forms of vulnerability exploitation. Moreover, we show that the overhead and implementation requirement make some CFI techniques impractical. We conclude that the effort required to have those techniques in real systems, the high overhead, and also the partial attack coverage is discouraging the industry from adopting CFI protections.

Presentation Conference Type Conference Paper (Published)
Conference Name 34th IFIP TC 11 International Conference, SEC 2019
Start Date Jun 25, 2019
End Date Jun 27, 2019
Online Publication Date Jun 5, 2019
Publication Date 2019
Deposit Date Feb 1, 2022
Publisher Springer
Pages 331-344
Series Title IFIP Advances in Information and Communication Technology
Series Number 562
Series ISSN 1868-4238
Book Title ICT Systems Security and Privacy Protection. SEC 2019
ISBN 978-3-030-22311-3
DOI https://doi.org/10.1007/978-3-030-22312-0_23
Keywords CFI Protection Techniques, CFI attacks
Public URL http://researchrepository.napier.ac.uk/Output/2839018