Proceedings of the 48th International Symposium on Microarchitecture 2015
DOI: 10.1145/2830772.2830801

Locking down insecure indirection with hardware-based control-data isolation

Abstract: Arbitrary code injection pervades as a central issue in computer security where attackers seek to exploit the software attack surface. A key component in many exploits today is the successful execution of a control-flow attack. Control-Data Isolation (CDI) has emerged as a work which eliminates the root cause of contemporary control-flow attacks: indirect control flow instructions. These instructions are replaced by direct control flow edges dictated by the programmer and encoded into the application by the co…

Cited by 4 publications (3 citation statements)
References 17 publications
“…Software schemes [3,13,27,45,52,57] to improve security typically have unacceptably high performance overheads. Hardware schemes [11,23,28,31,32,36,37,47] are slow to react to new attacks, and can be rendered ineffective if limitations in their fixed functionality can be exploited. We want to provide a system that can avoid the shortcomings of each.…”
Section: Requirements (mentioning)
confidence: 99%
“…Enforcing security properties in hardware is a tempting proposition [11,23,28,31,32,36,37,47]. However, fixed-function hardware is limited in utility if an attacker can simply change their targets to components without protection, or design software to deliberately circumvent the defences.…”
Section: Introduction (mentioning)
confidence: 99%
“…Traditional control-flow integrity techniques rely on static information about the control-flow of the application to determine which paths are valid [9,11-19,42]. For example, Control-Data Isolation [43] converts indirect branches into a series of direct branches based on the set of statically-reachable targets, using hardware support to reduce the instruction cache impact [44]. The REV system [42] records cryptographic hashes of each basic block to thwart code injection and invalid control-flow transfers, but relies on static analysis to determine basic block boundaries.…”
Section: Related Work (mentioning)
confidence: 99%