2017 IEEE International Symposium on High Performance Computer Architecture (HPCA) 2017
DOI: 10.1109/hpca.2017.18

Transparent and Efficient CFI Enforcement with Intel Processor Trace

citations
Cited by 68 publications
(32 citation statements)
references
References 33 publications
“…GRIFFIN [51] is an operating system mechanism (running in the kernel) that leverages the PT feature to enforce CFI policies. PT-CFI [52] and FLOWGUARD [53] are two backward-edge control-flow violation detection systems using PT tracing. To address the over-approximation problem of control targets in forward-edge CFI, PITTYPAT [54] utilizes PT to track basic block execution to compute the legal control transfer target sets through runtime path-sensitive point-to analysis.…”
Section: A Tracing Indirect and Conditional Branches With PT
mentioning
confidence: 99%
“…If anything, shadow stacks are typically stored at well-known memory locations (such as the data segment, within the TLS, or at a fixed offset from the regular stack), enabling an attacker to overwrite the copies of return addresses. Merely some recent hardware-assisted schemes deploy isolated monitoring processes, which inherently protects their shadow stacks from information disclosure, but also induces non-negligible performance overheads [27,34].…”
Section: Related Work
mentioning
confidence: 99%
“…Besides our work, there are two concurrent and independent efforts that leverage Intel PT for CFI enforcement. FlowGuard [32] and PT-CFI [25] both aim to accelerate their trace processing and policy checking by avoiding reconstruction of complete control flows in their fast processing paths. Without the complete control flows, the source addresses of indirect branches are not available, so FlowGuard and PT-CFI cannot enforce fine-grained, forward-edge CFI policies like GRIFFIN.…”
Section: Related Work
mentioning
confidence: 99%