• Login
    View Item 
    •   SMARTech Home
    • Institute for Information Security & Privacy (IISP)
    • Institute for Information Security & Privacy Cybersecurity Lecture Series
    • View Item
    •   SMARTech Home
    • Institute for Information Security & Privacy (IISP)
    • Institute for Information Security & Privacy Cybersecurity Lecture Series
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    New Perspectives on Control-Flow Hijacking Mitigation

    Thumbnail
    View/Open
    burow.mp4 (347.2Mb)
    burow_videostream.html (1.013Kb)
    transcription.txt (38.79Kb)
    thumbnail.jpg (193.7Kb)
    Date
    2018-09-21
    Author
    Burow, Nathan
    Metadata
    Show full item record
    Abstract
    Despite over 20 years of research, control-flow hijacking attacks remain the most significant threat to software security. Attackers exploit C/C++ lack of memory and type safety to corrupt code-pointers, thereby hijacking application control flow and redirecting it to locations of their choice. Control-flow hijacking through code-pointer corruption lies at the heart of modern code-reuse attacks such as return-oriented programming (ROP). The state-of-the-art defense against these attacks is Control-Flow Integrity (CFI), which limits attackers to a set of targets based on a static computation of the program’s control-flow graph (CFG). Computing the CFG relies on alias analysis, which is fundamentally over-approximated, leaving attackers sufficient freedom to exploit software. Further, deployed CFI implementations do not protect return instructions and so do not mitigate ROP. This talk will focus on recent advancements by myself and the HexHive group at Purdue in addressing both the precision of control-flow hijacking defenses and also protecting returns. For precision, we observe that C++ virtual calls have their targets uniquely determined by the underlying object’s class. Consequently, we introduce a new policy called Object Type Integrity (OTI) that dynamically tracks the class (type) of every object, thereby protecting virtual calls. OTI is significantly more precise than CFI on real-world applications such as browsers, allowing only one target for virtual calls as opposed to a set of up to 100. Returns are best protected by shadow stacks, which mirror the return addresses in a protected memory region. We comprehensively evaluate the design and performance of all existing shadow stack mechanisms, allowing us to identify two new shadow stack mechanisms and recommend a design for deployment.
    URI
    http://hdl.handle.net/1853/60451
    Collections
    • Institute for Information Security & Privacy Cybersecurity Lecture Series [149]

    Browse

    All of SMARTechCommunities & CollectionsDatesAuthorsTitlesSubjectsTypesThis CollectionDatesAuthorsTitlesSubjectsTypes

    My SMARTech

    Login

    Statistics

    View Usage StatisticsView Google Analytics Statistics
    facebook instagram twitter youtube
    • My Account
    • Contact us
    • Directory
    • Campus Map
    • Support/Give
    • Library Accessibility
      • About SMARTech
      • SMARTech Terms of Use
    Georgia Tech Library266 4th Street NW, Atlanta, GA 30332
    404.894.4500
    • Emergency Information
    • Legal and Privacy Information
    • Human Trafficking Notice
    • Accessibility
    • Accountability
    • Accreditation
    • Employment
    © 2020 Georgia Institute of Technology