Control Flow and Code Integrity for COTS Binaries
tacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers as they provide ultimate control — the ability to execute low-level code of the attacker's choice. Attackers have shown time and again their ability to overcome widely deployed countermeasures such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) by crafting Return Oriented Programming (ROP) attacks. Although Turing-complete ROP attacks have been demonstrated in research papers, real-world ROP payloads have had a more limited objective: that of disabling DEP so that injected native code attacks can be carried out. In this paper, we provide a systematic defense, called Control Flow and Code Integrity (CFCI), that makes injected native code attacks impossible. CFCI achieves this without sacrificing compatibility with existing software, without the need to replace system programs such as the dynamic loader, and without significant performance penalty. We will release CFCI as open-source software by the time of this conference.
Author(s):
Mingwei Zhang, Stony Brook University, United States
R. Sekar, Stony Brook University, United States