Annual Computer Security Applications Conference 2015


Control Flow and Code Integrity for COTS Binaries

Despite decades of sustained effort, memory corruption attacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers as they provide ultimate control — the ability to execute low-level code of the attacker’s choice. Attackers have shown time and again their ability to overcome widely deployed countermeasures such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) by crafting Return Oriented Programming (ROP) attacks. Although Turing-complete ROP attacks have been demonstrated in research papers, real-world ROP payloads have had a more limited objective: that of disabling DEP so that injected native code attacks can be carried out. In this paper, we provide a systematic defense, called Control Flow and Code Integrity (CFCI), that makes injected native code attacks impossible. CFCI achieves this without sacrificing compatibility with existing software, without the need to replace system programs such as the dynamic loader, and without significant performance penalty. We will release CFCI as open-source software by the time of this conference.

Author(s):

Mingwei Zhang    
Stony Brook University
United States

R. Sekar    
Stony Brook University
United States

 
