Lavoisier S.A.S.
14 rue de Provigny
94236 Cachan cedex
FRANCE

Heures d'ouverture 08h30-12h30/13h30-17h30
Tél.: +33 (0)1 47 40 67 00
Fax: +33 (0)1 47 40 67 02


Url canonique : www.lavoisier.fr/livre/informatique/novel-techniques-in-recovering-embedding-and-enforcing-policies-for-control-flow-integrity/descriptif_4549132
Url courte ou permalien : www.lavoisier.fr/livre/notice.asp?ouvrage=4549132

0 article 

 Frais de port 0,01€*

Exclusivité web : à partir de 35 euros d’achat, frais de port à 1 centime pour les expéditions vers la France métropolitaine, la Suisse et l’UE avec Colissimo ou GLS

Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity, 1st ed. 2021 Information Security and Cryptography Series

Langue : Anglais

Auteur :

Couverture de l’ouvrage Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity
There are three fundamental components in Control-Flow Integrity (CFI) enforcement. The first component is accurately recovering the policy (CFG). Usually, the more precise the policy is, the more security CFI improves, but precise CFG generation was considered hard without the support of source code. The second component is embedding the CFI policy securely. Current CFI enforcement usually inserts checks before indirect branches to consult a read-only table which stores the valid CFG information. However, this kind of read-only table can be overwritten by some kinds of attacks (e.g., the Rowhammer attack and data-oriented programming). The third component is to efficiently enforce the CFI policy. In current approaches CFI checks are always executed whenever there is an indirect control flow transfer. Therefore, it is critical to minimize the performance impact of CFI  checks.

In this book, we propose novel solutions to handle these three fundamental components. To generate a precise CFI policy without the support of the source code, we systematically study two methods which recover CFI policy based on function signature matching at the binary level and propose our novel rule- and heuristic-based mechanism to more accurately recover function signature. To embed CFI policy securely, we design a novel platform which encodes the policy into the machine instructions directly without relying on consulting any read-only data structure, by making use of the idea of instruction-set randomization. Each basic block is encrypted with a key derived from the CFG. To efficiently enforce CFI policy, we make use of a mature dynamic code optimization platform called DynamoRIO to enforce the policy so that we are only required to do the CFI check when needed.
{draft, needs completion}

1       Introduction

1.1   Overview of Control-Flow Integrity

1.2    Practicality of Recovering Fine-grained CFI Policies

1.3   Control-Flow Carrying Code

1.4   Control-Flow Integrity Enforcement Based on Dynamic Code Optimization

2        Literature Review

2.1   Control-Flow Hijacking


2.2   Deployed Defenses


2.3   Control-Flow Integrity

3        When Function Signature Recovery Meets Compiler Optimization

3.1   Introduction

3.2   Background and Unified Notation

3.3   Eight Ways in Which Compiler Optimization Impacts Function Signature Recovery

3.4   Evaluation

3.5   Revised Policy

3.6   Evaluation on revised policy

3.7   Summary

4        Control-Flow Carrying Code

4.1   Introduction

4.2   Overview of C^3

4.3   Detailed Designed of C^3

4.4   Implementation

4.5   Evaluation

4.6   Discussion

4.7   Summary

5     Control-Flow Integrity Enforcement with Dynamic Code Optimization

5.1   Introduction

5.2   Design, Implementation, and Security Comparison

5.3   Detailed Performance Profiling

5.4   Security Evaluation

5.5   Summary

6        Conclusion

Bibliography


Yan Lin is at the School of Computing and Information Systems, Singapore Management University. Her extensive studies have focused on the area of cybersecurity, and her current researches focus on software security and system security. 

Provides deep understanding of Control-Flow Integrity

Offers new insights on the relationship between function signature and compiler optimization

Demonstrates how CFI can be more efficient than Data Execution Prevention

Date de parution :

Ouvrage de 95 p.

15.5x23.5 cm

Disponible chez l'éditeur (délai d'approvisionnement : 15 jours).

105,49 €

Ajouter au panier

Ces ouvrages sont susceptibles de vous intéresser


Building Secure Defenses Against Code-Reuse Attacks 52,74 €

Practical Signcryption 116,04 €