Control Flow and Code Integrity for COTS binaries: An Effective Defense Against Real-World ROP Attacks

Mingwei Zhang, R. Sekar
DOI: 10.1145/2818000.2818016
Published in: Proceedings of the 31st Annual Computer Security Applications Conference
Publication date: 2015-12-07
Citation count: 41

Abstract

Despite decades of sustained effort, memory corruption attacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers, as they provide ultimate control --- the ability to execute arbitrary low-level code. Attackers have shown time and again their ability to overcome widely deployed countermeasures such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) by crafting Return Oriented Programming (ROP) attacks. Although Turing-complete ROP attacks have been demonstrated in research papers, real-world ROP payloads have had a more limited objective: that of disabling DEP so that injected native code attacks can be carried out. In this paper, we provide a systematic defense, called Control Flow and Code Integrity (CFCI), that makes injected native code attacks impossible. CFCI achieves this without sacrificing compatibility with existing software, without the need to replace system programs such as the dynamic loader, and without significant performance penalty. We will release CFCI as open-source software by the time of this conference.