Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Enforcing Unique Code Target Property for Control-Flow Integrity

Association for Computing Machinery (ACM) via YouTube

Overview

Explore a comprehensive analysis of control-flow integrity (CFI) and its implementation challenges in this 24-minute conference talk. Delve into the concept of unique code target property and its potential to enhance CFI effectiveness. Examine the limitations of existing CFI approaches and understand why they fall short in preventing control-hijacking attacks. Learn about the innovative UCFI (Unique Code Target Property for Control-Flow Integrity) method, its implementation, security benefits, and efficiency considerations. Investigate the use of Intel PT for efficient analysis and path reconstruction. Discuss backward-edge CFI and compare UCFI with other techniques like CPI. Gain valuable insights into advancing cybersecurity measures against sophisticated control-flow attacks.

Syllabus

Intro
Control-flow attack is getting harder
Control-flow attack is still possible
Example: control-flow attack
Example: control-flow integrity
Unique code target property
Challenges with Intel PT
Which data is necessary?
UCFI - perform efficient analysis path reconstruction from PT trace is slow!
Implementation
Security - enforcing unique target
Security - preventing attacks
Efficiency - performance overhead
Efficiency - memory&code overhead
Efficiency - trace size reduction
Discussion - backward-edge CFI
Conclusion: UCFI
Discussion - difference from CPI

Taught by

Association for Computing Machinery (ACM)

Reviews

Start your review of Enforcing Unique Code Target Property for Control-Flow Integrity

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.