Overview
Explore the intricacies of control-flow integrity (CFI) in this 48-minute Black Hat conference talk. Delve into the theoretical foundations of CFI as a defense mechanism against code-reuse attacks and examine its current implementation challenges. Learn about the security and practicality trade-offs in existing CFI solutions. Investigate topics such as return-oriented programming, thread models, randomization techniques, and dynamic points-to analysis. Discover various CFI policies including coarse-grained CFI, Coop CFI, and return CFI. Analyze the role of hardware in CFI implementation, addressing scheduling issues and shadow stack considerations. Gain insights into process control blocks, underflow scenarios, and CFI faults. Presented by experts Ahmad-Reza Sadeghi, Dean Sullivan, Orlando Arias, and Yier Jin, this talk offers a comprehensive overview of CFI implementation strategies and their implications for cybersecurity professionals.
Syllabus
Introduction
Outline
Motivation
Code Reuse Attack
Summary
Background
Return-Oriented Programming
Thread Model
Randomization
Requirements
Basics
Dynamic Points-to Analysis
Dereferencing Memory
Direct Code Pointers
Static Instrumentation
Coarse-Grained CFI
Coop CFI
Return CFI
Shadow Stack Policy
Return Policy
Interfacing with Hardware
Why Hardware
Scheduling Issues
Shadow Stack
Process Control Block
Underflow
CFI Fault
HDFI
ACF
Taught by
Black Hat