
2024 | Original paper | Book chapter

Effectiveness of Binary-Level CFI Techniques

Authors: Ruturaj K. Vaidya, Prasad A. Kulkarni

Published in: Foundations and Practice of Security

Publisher: Springer Nature Switzerland


Abstract

Memory corruption is an important class of vulnerability that can be leveraged to craft control-flow hijacking attacks. Control Flow Integrity (CFI) provides protection against such attacks. Applying type-based CFI policies requires information about the number and types of function arguments. Binary-level type recovery is inherently speculative, which motivates the need for an evaluation framework to assess the effectiveness of binary-level CFI techniques. In this work, we develop a novel and extensible framework to assess how the program analysis information obtained from advanced binary analysis tools affects the efficacy of type-based CFI techniques. We introduce new and insightful metrics to quantitatively compare source-independent CFI policies with their ground-truth, source-aware counterparts. We use our framework to evaluate binary-level CFI policies implemented using program analysis information extracted from the IDA Pro binary analyzer, and compare them with the ground-truth information obtained from the LLVM compiler.


Footnotes

1. Our framework is available online: https://github.com/Ruturaj4/B-CFI.

2. It is important to realize that even if the binary-level CFI technique produces a more desirable outcome (for example, by allowing all programmer-intended targets and a smaller spurious set in the reachable set), it is still considered erroneous in this work if it does not match the output of the corresponding source-level approach, since the technique did not function as algorithmically designed (due to imprecise analysis data), and any observed “improvement” is merely coincidental.
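The abstract describes comparing a type-based CFI policy computed from binary-level signature recovery against the same policy computed from compiler ground truth, and footnote 2 fixes the scoring rule: a binary-level target set is counted as erroneous whenever it differs from the source-level set, even if it happens to look tighter. The following is an added illustration of that evaluation and is not code from the paper or from the B-CFI framework. All function names, signatures, call sites and the single "recovery error" are constructed sample data; the three policies (arity, arity plus return type, full signature) are assumed simplifications of the type-based policy family the paper evaluates.

```python
"""Score a binary-level type-based CFI policy against its source-level
ground truth, following the mismatch-is-error rule from footnote 2.
Added example; all data below is constructed, not recovered from a binary."""
from dataclasses import dataclass
from typing import Callable, Dict, Set, Tuple


@dataclass(frozen=True)
class Sig:
    nargs: int
    args: Tuple[str, ...]
    ret: str


# Ground truth: signatures as the compiler knows them (constructed sample).
SOURCE_FUNCS: Dict[str, Sig] = {
    "handle_get":  Sig(2, ("ptr", "int"), "int"),
    "handle_post": Sig(2, ("ptr", "int"), "int"),
    "stray":       Sig(2, ("ptr", "int"), "int"),   # same type, never intended
    "log_msg":     Sig(1, ("ptr",), "void"),
    "cleanup":     Sig(0, (), "void"),
}

# Binary-level recovery of the same functions, with one constructed
# recovery error: the second argument of `stray` is typed as a pointer.
BINARY_FUNCS: Dict[str, Sig] = {
    "handle_get":  Sig(2, ("ptr", "int"), "int"),
    "handle_post": Sig(2, ("ptr", "int"), "int"),
    "stray":       Sig(2, ("ptr", "ptr"), "int"),
    "log_msg":     Sig(1, ("ptr",), "void"),
    "cleanup":     Sig(0, (), "void"),
}

# Indirect call sites: the signature used at the call (assumed recovered
# identically by both sides) and the programmer-intended targets, which
# come from the source and are used only for scoring.
CALL_SITES: Dict[str, Tuple[Sig, Set[str]]] = {
    "dispatch@0x401230": (Sig(2, ("ptr", "int"), "int"), {"handle_get", "handle_post"}),
    "logger@0x401480":   (Sig(1, ("ptr",), "void"), {"log_msg"}),
}

# Type-based policies of increasing precision: a callee is a valid target
# when its signature is compatible with the call site under the policy.
POLICIES: Dict[str, Callable[[Sig, Sig], bool]] = {
    "arity":     lambda site, f: site.nargs == f.nargs,
    "arity+ret": lambda site, f: site.nargs == f.nargs and site.ret == f.ret,
    "full":      lambda site, f: site == f,
}


def targets(policy: Callable[[Sig, Sig], bool], site_sig: Sig,
            funcs: Dict[str, Sig]) -> Set[str]:
    """Reachable set for one call site under a policy and a signature table."""
    return {name for name, sig in funcs.items() if policy(site_sig, sig)}


def evaluate(policy_name: str) -> Dict[str, dict]:
    """Per call site: source set, binary set, and how the binary set scores."""
    policy = POLICIES[policy_name]
    report = {}
    for site, (site_sig, intended) in CALL_SITES.items():
        src = targets(policy, site_sig, SOURCE_FUNCS)
        binary = targets(policy, site_sig, BINARY_FUNCS)
        report[site] = {
            "source_set": src,
            "binary_set": binary,
            "binary_spurious": binary - intended,  # over-approximation at runtime
            "binary_missing": intended - binary,   # would break the program
            "binary_correct": src == binary,       # footnote-2 criterion
        }
    return report


def agreement(policy_name: str) -> float:
    """Fraction of call sites where the binary-level set equals the source set."""
    report = evaluate(policy_name)
    return sum(r["binary_correct"] for r in report.values()) / len(report)


if __name__ == "__main__":
    for name in POLICIES:
        print(f"policy {name}: agreement {agreement(name):.2f}")
        for site, r in evaluate(name).items():
            print(f"  {site}: src={sorted(r['source_set'])} bin={sorted(r['binary_set'])}"
                  f" spurious={sorted(r['binary_spurious'])}"
                  f" missing={sorted(r['binary_missing'])} correct={r['binary_correct']}")
```

Under the `full` policy the binary-level set at the dispatch site is exactly the intended set (no spurious targets, nothing missing), so it looks better than the source-level set that also admits `stray`; it is nevertheless scored as incorrect because it disagrees with the source-level result, and the agreement is only one of two sites. The coarser `arity` and `arity+ret` policies ignore the misrecovered argument type and agree at every site, which is the trade-off the paper's metrics are meant to expose: coarser policies are more robust to imprecise binary analysis, but at the cost of larger reachable sets.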
Metadata

Title: Effectiveness of Binary-Level CFI Techniques

Authors: Ruturaj K. Vaidya, Prasad A. Kulkarni

Copyright year: 2024

DOI: https://doi.org/10.1007/978-3-031-57537-2_6
