Title

Hafix: Hardware-Assisted Flow Integrity Extension

Abstract

Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present H AFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). H AFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of HAFIX for the Intel® Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead.

Publication Date

7-24-2015

Publication Title

Proceedings - Design Automation Conference

Volume

2015-July

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1145/2744769.2744847

Socpus ID

84944080766 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/84944080766

This document is currently not available here.

Share

COinS