Explore a comprehensive analysis of control-flow integrity (CFI) and its implementation challenges in this 24-minute conference talk. Delve into the concept of unique code target property and its potential to enhance CFI effectiveness. Examine the limitations of existing CFI approaches and understand why they fall short in preventing control-hijacking attacks. Learn about the innovative UCFI (Unique Code Target Property for Control-Flow Integrity) method, its implementation, security benefits, and efficiency considerations. Investigate the use of Intel PT for efficient analysis and path reconstruction. Discuss backward-edge CFI and compare UCFI with other techniques like CPI. Gain valuable insights into advancing cybersecurity measures against sophisticated control-flow attacks.
Enforcing Unique Code Target Property for Control-Flow Integrity
Association for Computing Machinery (ACM) via YouTube
Overview
Syllabus
Intro
Control-flow attack is getting harder
Control-flow attack is still possible
Example: control-flow attack
Example: control-flow integrity
Unique code target property
Challenges with Intel PT
Which data is necessary?
UCFI - perform efficient analysis path reconstruction from PT trace is slow!
Implementation
Security - enforcing unique target
Security - preventing attacks
Efficiency - performance overhead
Efficiency - memory&code overhead
Efficiency - trace size reduction
Discussion - backward-edge CFI
Conclusion: UCFI
Discussion - difference from CPI
Taught by
Association for Computing Machinery (ACM)
Related Courses
-
How to Survive the Hardware Assisted Control-Flow Integrity Enforcement
-
Control Flow Integrity in the Linux Kernel
-
Missing the Point(er) - On the Effectiveness of Code Pointer Integrity
-
Control-Flow Bending - On the Effectiveness of Control-Flow Integrity
-
Towards a Policy-Agnostic Control-Flow Integrity Implementation
-
Mitigating Spectre Attacks Using CFI Informed Speculation
