Abstract

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today’s systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the intended control flow. Researchers have spent more than a decade studying and refining defenses based on Control-Flow Integrity (CFI); this technique is now integrated into several production compilers. However, so far, no study has systematically compared the various proposed CFI mechanisms nor is there any protocol on how to compare such mechanisms. We compare a broad range of CFI mechanisms using a unified nomenclature based on (i) a qualitative discussion of the conceptual security guarantees, (ii) a quantitative security evaluation, and (iii) an empirical evaluation of their performance in the same test environment. For each mechanism, we evaluate (i) protected types of control-flow transfers and (ii) precision of the protection for forward and backward edges. For open-source, compiler-based implementations, we also evaluate (iii) generated equivalence classes and target sets and (iv) runtime performance.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Automatic Contract Insertion with CCBot
Scott A Carr ... Mathias Payer
IEEE Transactions on Software Engineering | VOL. 43
Scott A Carr, et. al.Scott A Carr ... Mathias Payer
01 Aug 2017
Control-Flow Hijacking
Mathias Payer
-
Mathias PayerMathias Payer
02 Apr 2017
Losing Control
Mauro Conti ... Christopher Liebchen
-
Mauro Conti, et. al.Mauro Conti ... Christopher Liebchen
12 Oct 2015
PageDumper: a mechanism to collect page table manipulation information at run-time
Trushna Parida ... Suvrojit Das
International Journal of Information Security | VOL. 20
Trushna Parida, et. al.Trushna Parida ... Suvrojit Das
01 Sep 2020
View more papers

More From: ACM Computing Surveys

Paper Title
Journal
Date
Author
Backdoor Attacks and Defenses Targeting Multi-Domain AI Models: A Comprehensive Review
Shaobo Zhang ... Guojun Wang
ACM Computing Surveys | VOL. -
Shaobo Zhang, et. al.Shaobo Zhang ... Guojun Wang
15 Nov 2024
Private and Secure Distributed Deep Learning: A Survey
Corinne Allaart ... Sander Klous
ACM Computing Surveys | VOL. -
Corinne Allaart, et. al.Corinne Allaart ... Sander Klous
15 Nov 2024
Systematic Review of Generative Modelling Tools and Utility Metrics for Fully Synthetic Tabular Data
Anton Danholt Lautrup ... Peter Schneider-Kamp
ACM Computing Surveys | VOL. -
Anton Danholt Lautrup, et. al.Anton Danholt Lautrup ... Peter Schneider-Kamp
14 Nov 2024
Acceleration for Deep Reinforcement Learning using Parallel and Distributed Computing: A Survey
Zhihong Liu ... Dongsheng Li
ACM Computing Surveys | VOL. -
Zhihong Liu, et. al.Zhihong Liu ... Dongsheng Li
14 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.