Analysis of Defenses Against Code Reuse Attacks on Modern and New Architectures

Abstract

Today, the most common avenue for exploitation of computer systems is a control-flow attack in which the attacker gains direct or indirect control of the instruction pointer. In order to gain remote code execution, attackers then exploit legitimate fragments of code in the executable via techniques such as return-oriented programming or virtual table overwrites. This project aims to answer fundamental questions about the efficacy of control-flow integrity (CFI), a defensive technique which attempts to prevent such attacks by ensuring that every control flow transfer corresponds to the original intent of the program author. Although this problem is in general undecidable, most programs running on modern operating systems adhere to standard conventions which allow inferences from static analysis to set a specification for allowable runtime behavior.


Document Details

Document Type: Technical Report
Publication Date: Sep 01, 2015
Accession Number: AD1034626

Entities

People

  • Isaac N. Evans

Organizations

  • MIT Lincoln Laboratory

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force
  • Algorithms
  • C Programming Language
  • Compilers
  • Computer Architecture
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Computing System Architectures
  • Debugging
  • Electrical Engineering
  • Engineering
  • Instruction Set Architecture
  • Instrumentation
  • New York
  • Operating Systems
  • Programming Languages
  • Robotics
  • Software Development
  • Standards
  • Test And Evaluation
  • United States
  • United States Government
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Computational Linguistics
  • Computer Programming and Software Development
  • Cybersecurity

Technology Areas

  • AI & ML