Abstract

Code-reuse attacks are a severe threat to computer systems: they circumvent many existing security defenses and can perform arbitrary behavior. Control-flow integrity (CFI) is a security technique that restricts control-flow transfers to prevent such attacks. Although CFI has been implemented via various methods, including hardware-assisted extensions, current designs of hardware-assisted fine-grained CFI fail to meet practical needs. The main hurdles are 1) the lack of a cost-effective design and 2) insufficient security, since they cannot enforce a complete control-flow graph (CFG) with only one label per target. This article presents a novel hardware-assisted fine-grained CFI design, address-based CFI (ABCFI), that reformulates labels as the lower bits of addresses. As a result, it costs negligible runtime overhead (≤ 0.55%) and hardware overhead (only ten LUTs and no flip-flops on top of a coarse-grained extension). Among all current hardware-assisted fine-grained CFI designs, ABCFI has the lowest hardware overhead and runtime performance overhead. With our design, commercial coarse-grained CFI extensions can be advanced to fine-grained CFI extensions with little effort.
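To make the "label in the low address bits" idea concrete, the following Python model is an added illustration written for this page; it is not the paper's code and does not reproduce ABCFI's hardware design. It assumes an 8-bit label (LABEL_BITS), a toy CFG given as a mapping from indirect-branch sites to their legitimate target functions, and a linker that places each function at an address whose low bits equal its label. It also shows the coarseness the abstract mentions: with one label per target, sites that share a target must share a label, so the check over-approximates the CFG.

```python
"""Toy model of label-based fine-grained CFI with the label stored in the
low bits of each target address (constructed example, not the paper's RTL).

Runtime check: (target_address & LABEL_MASK) == label_expected_at_site.
"""
from itertools import count

LABEL_BITS = 8                      # assumption: label lives in the low byte
LABEL_MASK = (1 << LABEL_BITS) - 1
ALIGN = 1 << LABEL_BITS             # function slots start on 256-byte boundaries


def _merge_sites(cfg):
    """Union-find over call sites: sites that share a legitimate target are
    forced onto one label, because a target address can carry only one label."""
    parent = {s: s for s in cfg}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    owner = {}                      # target function -> first site that reached it
    for site, targets in cfg.items():
        for t in targets:
            if t in owner:
                parent[find(site)] = find(owner[t])
            else:
                owner[t] = site
    return {s: find(s) for s in cfg}


def assign_labels(cfg):
    """Return (site_label, func_label) for a CFG {site: {func, ...}}.
    Label 0 is reserved so that unlabelled addresses never pass the check."""
    rep = _merge_sites(cfg)
    label_of_rep, site_label, nxt = {}, {}, count(1)
    for site in cfg:
        r = rep[site]
        if r not in label_of_rep:
            label_of_rep[r] = next(nxt)
            if label_of_rep[r] > LABEL_MASK:
                raise ValueError("more equivalence classes than labels")
        site_label[site] = label_of_rep[r]
    func_label = {t: site_label[s] for s, ts in cfg.items() for t in ts}
    return site_label, func_label


def place_functions(func_label, base=0x10000):
    """Linker step: give each function an address whose low LABEL_BITS bits
    equal its label (base and ALIGN are multiples of 2**LABEL_BITS)."""
    return {f: base + i * ALIGN + lbl
            for i, (f, lbl) in enumerate(sorted(func_label.items()))}


def cfi_check(expected_label, target_addr):
    """The hardware-side check: one AND and one compare, no label lookup."""
    return (target_addr & LABEL_MASK) == expected_label


# Constructed CFG: call_A and call_C share target g, so they end up on one label.
CFG = {"call_A": {"f", "g"}, "call_B": {"h"}, "call_C": {"g", "k"}}
SITE_LABEL, FUNC_LABEL = assign_labels(CFG)
ADDR = place_functions(FUNC_LABEL)


def legitimate_transfer_allowed():
    return cfi_check(SITE_LABEL["call_A"], ADDR["g"])


def cross_label_transfer_blocked():
    # call_B may only reach h; diverting it to f has mismatching low bits
    return cfi_check(SITE_LABEL["call_B"], ADDR["f"])


def mid_function_transfer_blocked():
    # an unaligned address inside f carries the wrong low byte
    return cfi_check(SITE_LABEL["call_A"], ADDR["f"] + 5)


def shared_label_over_approximation():
    # call_A -> k is not in the CFG, yet passes: the one-label-per-target limit
    return cfi_check(SITE_LABEL["call_A"], ADDR["k"])


if __name__ == "__main__":
    for name, addr in ADDR.items():
        print(f"{name}: {addr:#x} label={addr & LABEL_MASK}")
    print("allowed:", legitimate_transfer_allowed(),
          "blocked:", cross_label_transfer_blocked(), mid_function_transfer_blocked(),
          "over-approx:", shared_label_over_approximation())
```

The cost profile the abstract claims follows from the shape of `cfi_check`: the branch hardware needs no label table and no extra state, only a mask on the target address and a compare against the label carried at the site. The last function shows why a single label per target cannot express the full CFG, which is the precision hurdle the abstract raises against existing label-based designs.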
