Control-flow restrictor: compiler-based CFI for iOS

Proceedings of the 29th Annual Computer Security Applications Conference Pub Date : 2013-12-09 DOI:10.1145/2523649.2523674

Jannik Pewny, Thorsten Holz

{"title":"Control-flow restrictor: compiler-based CFI for iOS","authors":"Jannik Pewny, Thorsten Holz","doi":"10.1145/2523649.2523674","DOIUrl":null,"url":null,"abstract":"Runtime attacks that exploit software vulnerabilities are still an important concern nowadays. Even smartphone operating systems such as Apple's iOS are affected by such attacks since the system is implemented in Objective-C, a programming language that enables attacks such as buffer overflows. As a generic protection technique against a whole class of attacks, control-flow integrity (CFI) offers some interesting properties. Recent work demonstrated that CFI can be implemented on iOS by patching the binary during the loading process and adding an instrumentation layer that enforces CFI during runtime. However, this approach is of little practical value since it requires a jailbroken device, which hinders wide employment. Furthermore, binary patching has a certain performance impact. In this paper, we show how CFI can be implemented directly within a compiler, making the approach widely deployable on all kinds of iOS devices. We extend the LLVM compiler and add our CFI enforcement approach during the compilation phase of a given app. An empirical evaluation shows that the size and performance overhead is reasonable.","PeriodicalId":127404,"journal":{"name":"Proceedings of the 29th Annual Computer Security Applications Conference","volume":"61 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"66","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 29th Annual Computer Security Applications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2523649.2523674","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 66

Abstract

Runtime attacks that exploit software vulnerabilities are still an important concern nowadays. Even smartphone operating systems such as Apple's iOS are affected by such attacks since the system is implemented in Objective-C, a programming language that enables attacks such as buffer overflows. As a generic protection technique against a whole class of attacks, control-flow integrity (CFI) offers some interesting properties. Recent work demonstrated that CFI can be implemented on iOS by patching the binary during the loading process and adding an instrumentation layer that enforces CFI during runtime. However, this approach is of little practical value since it requires a jailbroken device, which hinders wide employment. Furthermore, binary patching has a certain performance impact. In this paper, we show how CFI can be implemented directly within a compiler, making the approach widely deployable on all kinds of iOS devices. We extend the LLVM compiler and add our CFI enforcement approach during the compilation phase of a given app. An empirical evaluation shows that the size and performance overhead is reasonable.

查看原文本刊更多论文

控制流限制器:iOS的基于编译器的CFI

利用软件漏洞的运行时攻击现在仍然是一个重要的问题。甚至像苹果的iOS这样的智能手机操作系统也受到这种攻击的影响，因为系统是用Objective-C实现的，这是一种允许缓冲区溢出等攻击的编程语言。控制流完整性(CFI)作为一种针对整个攻击类的通用保护技术，提供了一些有趣的特性。最近的研究表明，CFI可以在iOS上实现，方法是在加载过程中修补二进制文件，并在运行时添加一个执行CFI的工具层。然而，这种方法没有什么实际价值，因为它需要一个越狱设备，这阻碍了广泛的应用。此外，二进制补丁有一定的性能影响。在本文中，我们展示了如何在编译器中直接实现CFI，使该方法可广泛部署在各种iOS设备上。我们扩展了LLVM编译器，并在给定应用程序的编译阶段添加了我们的CFI强制方法。经验评估表明，大小和性能开销是合理的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 29th Annual Computer Security Applications Conference

自引率

0.00%

发文量