On the Effectiveness of Control-Flow Integrity Against Modern Attack Techniques
Authors
Sarwar Sayeed
Hector Marco-Gisbert
Abstract
Memory error vulnerabilities are still widely exploited by attackers despite the various protections developed. Attackers have adopted new strategies to successfully exploit well-known memory errors, bypassing mature protection techniques such as NX, SSP, and ASLR. Those attacks compromise the execution flow to gain control over the target successfully.
Control-flow Integrity (CFI) is a protection technique that aims to eradicate memory error exploitation by ensuring that the instruction pointer (IP) of a running program cannot be controlled by a malicious attacker. In this paper, we assess the effectiveness of 14 CFI techniques against the most popular exploitation techniques including code reuse attacks, return-to-user, return-to-libc and replay attacks.
Surveys are conducted to classify those 14 CFI techniques based on the security robustness and implementation feasibility. Our study indicates that the majority of the CFI techniques are primarily focused on restricting indirect branch instructions and cannot prevent all forms of vulnerability exploitation. Moreover, we show that the overhead and implementation requirement make some CFI techniques impractical. We conclude that the effort required to have those techniques in real systems, the high overhead, and also the partial attack coverage is discouraging the industry from adopting CFI protections.
Citation
Sayeed, S., & Marco-Gisbert, H. (2019). On the Effectiveness of Control-Flow Integrity Against Modern Attack Techniques. In ICT Systems Security and Privacy Protection. SEC 2019 (331-344). https://doi.org/10.1007/978-3-030-22312-0_23
Conference Name | 34th IFIP TC 11 International Conference, SEC 2019 |
---|---|
Conference Location | Lisbon, Portugal |
Start Date | Jun 25, 2019 |
End Date | Jun 27, 2019 |
Online Publication Date | Jun 5, 2019 |
Publication Date | 2019 |
Deposit Date | Feb 1, 2022 |
Publisher | Springer |
Pages | 331-344 |
Series Title | IFIP Advances in Information and Communication Technology |
Series Number | 562 |
Series ISSN | 1868-4238 |
Book Title | ICT Systems Security and Privacy Protection. SEC 2019 |
ISBN | 978-3-030-22311-3 |
DOI | https://doi.org/10.1007/978-3-030-22312-0_23 |
Keywords | CFI Protection Techniques, CFI attacks |
Public URL | http://researchrepository.napier.ac.uk/Output/2839018 |