Control-Flow Integrity-Reference-Cited by-同舟云学术

Control-Flow Integrity

Published:2018-01-31 Issue:1 Volume:50 Page:1-33
ISSN:0360-0300
Container-title:ACM Computing Surveys
language:en
Short-container-title:ACM Comput. Surv.

Author:

Burow Nathan¹,Carr Scott A.¹,Nash Joseph²,Larsen Per²,Franz Michael²,Brunthaler Stefan³,Payer Mathias¹^ORCID

Affiliation:

1. Purdue University

2. University of California, Irvine

3. Paderborn University 8 SBA Research

Abstract

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today’s systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the intended control flow. Researchers have spent more than a decade studying and refining defenses based on Control-Flow Integrity (CFI); this technique is now integrated into several production compilers. However, so far, no study has systematically compared the various proposed CFI mechanisms nor is there any protocol on how to compare such mechanisms. We compare a broad range of CFI mechanisms using a unified nomenclature based on (i) a qualitative discussion of the conceptual security guarantees, (ii) a quantitative security evaluation, and (iii) an empirical evaluation of their performance in the same test environment. For each mechanism, we evaluate (i) protected types of control-flow transfers and (ii) precision of the protection for forward and backward edges. For open-source, compiler-based implementations, we also evaluate (iii) generated equivalence classes and target sets and (iv) runtime performance.

Funder

Defense Advanced Research Projects Agency

National Science Foundation

COMET K1 of the Austrian Research Promotion Agency

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science,Theoretical Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/3054924

Reference87 articles.

1. Control-flow integrity

2. A Theory of Secure Control Flow

3. A brief history of just-in-time

4. Fast static analysis of C++ virtual function calls

Cited by 168 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. SOVEREIGN - Towards a Holistic Approach to Critical Infrastructure Protection;Proceedings of the 19th International Conference on Availability, Reliability and Security;2024-07-30

2. Diagnosis-guided Attack Recovery for Securing Robotic Vehicles from Sensor Deception Attacks;Proceedings of the 19th ACM Asia Conference on Computer and Communications Security;2024-07

3. Classification of return-oriented programming gadgets: a machine learning approach;Journal of Computer Virology and Hacking Techniques;2024-06-19

4. Bitmap-Based Security Monitoring for Deeply Embedded Systems;ACM Transactions on Software Engineering and Methodology;2024-06-18

5. WARDuino: An embedded WebAssembly virtual machine;Journal of Computer Languages;2024-06