Abbildung von Lin | Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity | 1. Auflage | 2021 | beck-shop.de
eBook

Lin

Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity

Springer International Publishing

ISBN 978-3-030-73141-0

Zur Nachauflage
Zur Vorauflage

Standardpreis

96,29 €

sofort lieferbar!

Preisangaben inkl. MwSt. Abhängig von der Lieferadresse kann die MwSt. an der Kasse variieren. Weitere Informationen

Bibliografische Daten

eBook. PDF

2021

XIII, 95 p. 23 illus..

In englischer Sprache

Umfang: 95 S.

Verlag: Springer International Publishing

ISBN: 978-3-030-73141-0

Weiterführende bibliografische Daten

Das Werk ist Teil der Reihe: Information Security and Cryptography

Produktbeschreibung

There are three fundamental components in Control-Flow Integrity (CFI) enforcement. The first component is accurately recovering the policy (CFG). Usually, the more precise the policy is, the more security CFI improves, but precise CFG generation was considered hard without the support of source code. The second component is embedding the CFI policy securely. Current CFI enforcement usually inserts checks before indirect branches to consult a read-only table which stores the valid CFG information. However, this kind of read-only table can be overwritten by some kinds of attacks (e.g., the Rowhammer attack and data-oriented programming). The third component is to efficiently enforce the CFI policy. In current approaches CFI checks are always executed whenever there is an indirect control flow transfer. Therefore, it is critical to minimize the performance impact of CFI checks.

In this book, we propose novel solutions to handle these three fundamental components. To generate a precise CFI policy without the support of the source code, we systematically study two methods which recover CFI policy based on function signature matching at the binary level and propose our novel rule- and heuristic-based mechanism to more accurately recover function signature. To embed CFI policy securely, we design a novel platform which encodes the policy into the machine instructions directly without relying on consulting any read-only data structure, by making use of the idea of instruction-set randomization. Each basic block is encrypted with a key derived from the CFG. To efficiently enforce CFI policy, we make use of a mature dynamic code optimization platform called DynamoRIO to enforce the policy so that we are only required to do the CFI check when needed.

Autorinnen und Autoren

Produktsicherheit

Hersteller

Springer Nature Customer Service Center GmbH

ProductSafety@springernature.com

Topseller & Empfehlungen für Sie

Ihre zuletzt angesehenen Produkte

Rezensionen

Dieses Set enthält folgende Produkte:
    Auch in folgendem Set erhältlich:

      • Grafik Warenkorb In den Warenkorb Grafik 4-Wochen-Test für beck-online 4-Wochen-Test bestellen

      Grafik MerklisteAuf die Merkliste Nachricht, wenn verfügbar
      nach oben
      X

      Das Passwort muss mind. 8 Zeichen enthalten.
      (Darin sollte mind. ein Groß- und ein Kleinbuchstabe und mind. eine Ziffer enthalten sein.)

      Schließen

      Ihre Daten werden geladen ...