Annual Computer Security Applications Conference (ACSAC) 2020

Full Program »

ρFEM: Efficient Backward-edge Protection Using Reversed Forward-edge Mappings

We propose reversed forward-edge mapper (ρFEM), a Clang/LLVM compiler-based tool, to protect the backward edges of program’s control flow graph (CFG) against runtime control-flow hijacking (e.g., code reuse attacks). It protects backward-edge transfers inC/C++originating from virtual and non-virtual functions by first statically constructing a precise virtual table hierarchy, with which to forma precise forward-edge mapping between callees and non-virtual calltargets based on precise function signatures, and then checks each instrumented callee return against the previously computed set at runtime. We have evaluatedρFEMusing the Chrome browser,NodeJS, Nginx, Memcached, and SPEC CPU2017 benchmark. Our results show that ρFEM enforces less than 2.77 return targets per callee in geomean, even for applications heavily relying on backward edges. ρFEM’s runtime overhead is less than 1% in geomean for the SPEC CPU2017 benchmark and 3.44% in geomean for the Chrome browser.

Paul Muntean
TU Munich

Mathias Neumayer
TU Munich

Zhiqiang Lin
Ohio State University

Gang Tan
Penn State Univ.

Jens Grossklags
TU Munich

Claudia Eckert
TU Munich

Paper (ACM DL)




Powered by OpenConf®
Copyright©2002-2021 Zakon Group LLC