Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity
Springer International Publishing
ISBN 978-3-030-73141-0
Standardpreis
Bibliografische Daten
eBook. PDF
2021
XIII, 95 p. 23 illus..
In englischer Sprache
Umfang: 95 S.
Verlag: Springer International Publishing
ISBN: 978-3-030-73141-0
Weiterführende bibliografische Daten
Das Werk ist Teil der Reihe: Information Security and Cryptography
Produktbeschreibung
There are three fundamental components in Control-Flow Integrity (CFI) enforcement. The first component is accurately recovering the policy (CFG). Usually, the more precise the policy is, the more security CFI improves, but precise CFG generation was considered hard without the support of source code. The second component is embedding the CFI policy securely. Current CFI enforcement usually inserts checks before indirect branches to consult a read-only table which stores the valid CFG information. However, this kind of read-only table can be overwritten by some kinds of attacks (e.g., the Rowhammer attack and data-oriented programming). The third component is to efficiently enforce the CFI policy. In current approaches CFI checks are always executed whenever there is an indirect control flow transfer. Therefore, it is critical to minimize the performance impact of CFI checks.
Autorinnen und Autoren
Produktsicherheit
Hersteller
Springer Nature Customer Service Center GmbH
ProductSafety@springernature.com