On the Effectiveness of Hardware Enforced Control Flow Integrity
dc.contributor.author | Gadient, Austin | |
dc.date.accessioned | 2017-12-28T02:18:37Z | |
dc.date.available | 2017-12-28T02:18:37Z | |
dc.date.issued | 2018-01-03 | |
dc.description.abstract | Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and stack canaries have been circumvented by recent exploits. As a result, security researchers have turned towards Control Flow Integrity (CFI) to defend systems. Previous attempts to achieve CFI have tried to remain efficient and practical, but were exploitable. The NSA proposed a CFI system which integrates new hardware and program instrumentation. The purpose of this research is to assess and improve this proposal. In this paper, the system is exploited through the development of simple, vulnerable programs. It is shown to be effective in mitigating Jump Oriented Programming (JOP) attacks through an algorithm introduced as part of this work. Finally, different approaches are proposed to improve upon this system while their merits and issues are assessed. | |
dc.format.extent | 9 pages | |
dc.identifier.doi | 10.24251/HICSS.2018.696 | |
dc.identifier.isbn | 978-0-9981331-1-9 | |
dc.identifier.uri | http://hdl.handle.net/10125/50585 | |
dc.language.iso | eng | |
dc.relation.ispartof | Proceedings of the 51st Hawaii International Conference on System Sciences | |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.subject | Cyber-of-Things: Cyber Crimes, Cyber Security and Cyber Forensics | |
dc.subject | CFI, Exploit, Gadget, JOP, ROP | |
dc.title | On the Effectiveness of Hardware Enforced Control Flow Integrity | |
dc.type | Conference Paper | |
dc.type.dcmi | Text |
Files
Original bundle
1 - 1 of 1