J. Danger, S. Guilley, Thibault Porteboeuf, Florian Praden, Michaël Timbert
{"title":"HCODE:硬件增强实时CFI","authors":"J. Danger, S. Guilley, Thibault Porteboeuf, Florian Praden, Michaël Timbert","doi":"10.1145/2689702.2689708","DOIUrl":null,"url":null,"abstract":"Cyber-attacks are widely known to be a major threat on computing devices. Many attacks exploit a latent problem in the host program. This can be a misconfiguration or a real programming error (e.g., lack of user-provided input verification or untested corner cases). Once such a bug is identified, attack programs can be devised, which will for instance install a payload on the victim host. Many features have been developed to protect from these infection vectors. In this paper we present a simple hardware/software solution able to check good execution of one program by checking that each basic block is correctly executed and that the Control Flow Graph (CFG) is respected. We call this control-flow integrity (CFI). We are able to do so in real time without adding new opcodes in the processor, but by modifying slightly the executed code. Moreover, we also aim at verifying that the sequence of instructions is correctly executed within each basic block. In this respect, we implement a hardware module called HCODE, (short for Hashing CODE), into the processor which reads each instruction executed by the processor and computes some signature to check against a genuine copy of precomputed signatures.","PeriodicalId":308663,"journal":{"name":"Proceedings of the 4th Program Protection and Reverse Engineering Workshop","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"HCODE: Hardware-Enhanced Real-Time CFI\",\"authors\":\"J. Danger, S. Guilley, Thibault Porteboeuf, Florian Praden, Michaël Timbert\",\"doi\":\"10.1145/2689702.2689708\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber-attacks are widely known to be a major threat on computing devices. Many attacks exploit a latent problem in the host program. This can be a misconfiguration or a real programming error (e.g., lack of user-provided input verification or untested corner cases). Once such a bug is identified, attack programs can be devised, which will for instance install a payload on the victim host. Many features have been developed to protect from these infection vectors. In this paper we present a simple hardware/software solution able to check good execution of one program by checking that each basic block is correctly executed and that the Control Flow Graph (CFG) is respected. We call this control-flow integrity (CFI). We are able to do so in real time without adding new opcodes in the processor, but by modifying slightly the executed code. Moreover, we also aim at verifying that the sequence of instructions is correctly executed within each basic block. In this respect, we implement a hardware module called HCODE, (short for Hashing CODE), into the processor which reads each instruction executed by the processor and computes some signature to check against a genuine copy of precomputed signatures.\",\"PeriodicalId\":308663,\"journal\":{\"name\":\"Proceedings of the 4th Program Protection and Reverse Engineering Workshop\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-12-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 4th Program Protection and Reverse Engineering Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2689702.2689708\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 4th Program Protection and Reverse Engineering Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2689702.2689708","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cyber-attacks are widely known to be a major threat on computing devices. Many attacks exploit a latent problem in the host program. This can be a misconfiguration or a real programming error (e.g., lack of user-provided input verification or untested corner cases). Once such a bug is identified, attack programs can be devised, which will for instance install a payload on the victim host. Many features have been developed to protect from these infection vectors. In this paper we present a simple hardware/software solution able to check good execution of one program by checking that each basic block is correctly executed and that the Control Flow Graph (CFG) is respected. We call this control-flow integrity (CFI). We are able to do so in real time without adding new opcodes in the processor, but by modifying slightly the executed code. Moreover, we also aim at verifying that the sequence of instructions is correctly executed within each basic block. In this respect, we implement a hardware module called HCODE, (short for Hashing CODE), into the processor which reads each instruction executed by the processor and computes some signature to check against a genuine copy of precomputed signatures.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
