TY - GEN
T1 - Control flow and code integrity for COTS binaries
T2 - 31st Annual Computer Security Applications Conference, ACSAC 2015
AU - Zhang, Mingwei
AU - Sekar, R.
N1 - Publisher Copyright: © 2015 ACM.
PY - 2015/12/7
Y1 - 2015/12/7
N2 - Despite decades of sustained effort, memory corruption attacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers, as they provide ultimate control: the ability to execute arbitrary low-level code. Attackers have shown time and again their ability to overcome widely deployed countermeasures such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) by crafting Return Oriented Programming (ROP) attacks. Although Turing-complete ROP attacks have been demonstrated in research papers, real-world ROP payloads have had a more limited objective: that of disabling DEP so that injected native code attacks can be carried out. In this paper, we provide a systematic defense, called Control Flow and Code Integrity (CFCI), that makes injected native code attacks impossible. CFCI achieves this without sacrificing compatibility with existing software, without the need to replace system programs such as the dynamic loader, and without significant performance penalty. We will release CFCI as open-source software by the time of this conference.
AB - Despite decades of sustained effort, memory corruption attacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers, as they provide ultimate control: the ability to execute arbitrary low-level code. Attackers have shown time and again their ability to overcome widely deployed countermeasures such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) by crafting Return Oriented Programming (ROP) attacks. Although Turing-complete ROP attacks have been demonstrated in research papers, real-world ROP payloads have had a more limited objective: that of disabling DEP so that injected native code attacks can be carried out. In this paper, we provide a systematic defense, called Control Flow and Code Integrity (CFCI), that makes injected native code attacks impossible. CFCI achieves this without sacrificing compatibility with existing software, without the need to replace system programs such as the dynamic loader, and without significant performance penalty. We will release CFCI as open-source software by the time of this conference.
UR - https://www.scopus.com/pages/publications/84959330593
U2 - 10.1145/2818000.2818016
DO - 10.1145/2818000.2818016
M3 - Conference contribution
T3 - ACM International Conference Proceeding Series
SP - 91
EP - 100
BT - Proceedings - 31st Annual Computer Security Applications Conference, ACSAC 2015
PB - Association for Computing Machinery
Y2 - 7 December 2015 through 11 December 2015
ER -