Title
Strategy Without Tactics: Policy-Agnostic Hardware-Enhanced Control-Flow Integrity
Abstract
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constitute a severe threat against diverse computing platforms. Existing CFI solutions (both in software and hardware) suffer from shortcomings such as (i) inefficiency, (ii) security weaknesses, or (iii) are not scalable. In this paper, we present a generic hardware-enhanced CFI scheme that tackles these problems and allows to enforce diverse CFI policies. Our approach fully supports multi-tasking, shared libraries, prevents various forms of code-reuse attacks, and allows CFI protected code and legacy code to co-exist. We evaluate our implementation on SPARC LEON3 and demonstrate its high efficiency.
Publication Date
6-5-2016
Publication Title
Proceedings - Design Automation Conference
Volume
05-09-June-2016
Document Type
Article; Proceedings Paper
Personal Identifier
scopus
DOI Link
https://doi.org/10.1145/2897937.2898098
Copyright Status
Unknown
Socpus ID
84977156835 (Scopus)
Source API URL
https://api.elsevier.com/content/abstract/scopus_id/84977156835
STARS Citation
Sullivan, Dean; Arias, Orlando; Davi, Lucas; Larsen, Per; and Sadeghi, Ahmad Reza, "Strategy Without Tactics: Policy-Agnostic Hardware-Enhanced Control-Flow Integrity" (2016). Scopus Export 2015-2019. 4061.
https://stars.library.ucf.edu/scopus2015/4061