Strategy without tactics: Policy-agnostic hardware-enhanced control-flow integrity
DAC(2016)
摘要
Control-flow integrity (CFI) is a general defense against codereuse exploits that currently constitute a severe threat against diverse computing platforms. Existing CFI solutions (both in software and hardware) suffer from shortcomings such as (i) inefficiency, (ii) security weaknesses, or (iii) are not scalable. In this paper, we present a generic hardware-enhanced CFI scheme that tackles these problems and allows to enforce diverse CFI policies. Our approach fully supports multi-tasking, shared libraries, prevents various forms of code-reuse attacks, and allows CFI protected code and legacy code to co-exist. We evaluate our implementation on SPARC LEON3 and demonstrate its high efficiency.
更多查看译文
关键词
policy-agnostic hardware,control-flow integrity,generic hardware-enhanced CFI scheme,code-reuse attack,SPARC LEON3
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络