Fully Context-Sensitive CFI for COTS Binaries

  • Conference paper
Information Security and Privacy (ACISP 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10343)

Abstract

Control-Flow Integrity (CFI) is a widely used defense against control-flow hijacking attacks. For Commercial Off-the-Shelf (COTS) binaries, previous work reduces runtime overhead by enforcing coarse-grained CFI, which is context-insensitive: each indirect control transfer is checked in isolation against an over-approximate control-flow graph (CFG). Because that CFG admits many edges that never occur in a legitimate execution, such schemes can hardly defend against carefully constructed attacks, for example gadget chains in which every individual edge is permitted. We present a fully context-sensitive CFI method (FCCFI), which decides whether the current control flow is valid by checking the whole execution path rather than a single edge or a partial sequence of edges. FCCFI gathers control-flow information in an offline phase and, at runtime, tracks the execution path to gather process-tracking information. It then compares the control-flow information with the process-tracking information to check the validity of the control flow. We implement the system and evaluate the security of the implementation. The evaluation results show that FCCFI can defend against the most common control-flow hijacking attacks.
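The following Python example is added here to illustrate the abstract's central point: a checker that validates each edge in isolation accepts a path in which every edge is individually allowed by the CFG but the sequence as a whole is impossible, while a checker that validates the whole path rejects it. It is not the paper's code or implementation. The toy program, its call-site names, the traces and the path rule (a return must land at the return site of the most recent unmatched call) are constructed assumptions for this illustration; FCCFI's actual offline analysis and runtime tracking are not reproduced.

```python
"""Edge-level (context-insensitive) versus whole-path (context-sensitive)
control-flow checking on a constructed toy call graph.

Added illustration; not the paper's implementation. The program, its call
sites, the traces and the path rule are assumptions made for this example.
"""
from typing import Dict, List, Set, Tuple

# A recorded control transfer: (kind, source, destination), kind in {"call", "ret"}.
Transfer = Tuple[str, str, str]

# Constructed "offline" control-flow information for a toy program.
# A call site is named <function>.c<n>; the site it returns to is <site>.ret.
# admin() re-runs auth() before calling the privileged operation.
CALL_SITES: Set[Tuple[str, str]] = {
    ("main.c0", "auth"),      # main() calls auth()
    ("main.c1", "admin"),     # main() calls admin()
    ("admin.c0", "auth"),     # admin() calls auth() again
    ("admin.c1", "priv_op"),  # admin() calls priv_op() after the check
}


def offline_edges() -> Set[Transfer]:
    """Expand the call graph into the set of individually valid transfers.

    A return from f is allowed to any call-preceded site that calls f. This is
    the over-approximation a context-insensitive (coarse-grained) CFI enforces.
    """
    edges: Set[Transfer] = set()
    for site, callee in CALL_SITES:
        edges.add(("call", site, callee))
        edges.add(("ret", callee, site + ".ret"))
    return edges


def edge_level_cfi(trace: List[Transfer], edges: Set[Transfer]) -> bool:
    """Context-insensitive check: every transfer must be an edge of the CFG."""
    return all(t in edges for t in trace)


def path_level_cfi(trace: List[Transfer], edges: Set[Transfer]) -> bool:
    """Context-sensitive check over the whole path.

    Every transfer must be a CFG edge, and a return must land at the return
    site of the most recent unmatched call (a shadow-stack style rule, assumed
    here as one way to express whole-path consistency).
    """
    pending: List[str] = []
    for kind, src, dst in trace:
        if (kind, src, dst) not in edges:
            return False
        if kind == "call":
            pending.append(src + ".ret")
        elif not pending or pending.pop() != dst:
            return False
    return True


# Constructed runtime traces ("process-tracking information").
BENIGN_TRACE: List[Transfer] = [
    ("call", "main.c1", "admin"),
    ("call", "admin.c0", "auth"),
    ("ret", "auth", "admin.c0.ret"),
    ("call", "admin.c1", "priv_op"),
    ("ret", "priv_op", "admin.c1.ret"),
    ("ret", "admin", "main.c1.ret"),
]

# A corrupted return address in auth() diverts the return into admin(), past
# its own auth() call, so priv_op() runs although main() never called admin().
# Every single edge here exists in the CFG, so an edge-level check cannot see it.
CALL_PRECEDED_ATTACK: List[Transfer] = [
    ("call", "main.c0", "auth"),
    ("ret", "auth", "admin.c0.ret"),
    ("call", "admin.c1", "priv_op"),
    ("ret", "priv_op", "admin.c1.ret"),
]

# A plain ROP-style return into an arbitrary gadget: not a CFG edge at all.
ARBITRARY_GADGET_ATTACK: List[Transfer] = [
    ("call", "main.c0", "auth"),
    ("ret", "auth", "unaligned_gadget"),
]


def evaluate() -> Dict[str, Dict[str, bool]]:
    """Run both checkers over the three traces and return the verdicts."""
    edges = offline_edges()
    traces = {
        "benign": BENIGN_TRACE,
        "call_preceded_gadget": CALL_PRECEDED_ATTACK,
        "arbitrary_gadget": ARBITRARY_GADGET_ATTACK,
    }
    return {
        name: {"edge_level": edge_level_cfi(t, edges),
               "path_level": path_level_cfi(t, edges)}
        for name, t in traces.items()
    }


if __name__ == "__main__":
    for name, verdict in evaluate().items():
        print(f"{name:22s} edge-level={verdict['edge_level']!s:5s} "
              f"path-level={verdict['path_level']}")
```

Running the script shows the benign trace accepted by both checkers, the arbitrary-gadget trace rejected by both, and the call-preceded chain accepted by the edge-level check but rejected by the path-level one. The path rule used here deliberately keeps only the call/return context; a checker in the paper's sense would also have to validate the targets of indirect calls and jumps against the offline information, which the edge set alone does not capture.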



Acknowledgement

This work is supported by the National Natural Science Foundation of China under grant No. 61370106, and by the National Key Research & Development (R&D) Plan of China under grant No. 2016YFB0200300.

Corresponding author

Correspondence to Weizhong Qiang.


Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Qiang, W., Huang, Y., Zou, D., Jin, H., Wang, S., Sun, G. (2017). Fully Context-Sensitive CFI for COTS Binaries. In: Pieprzyk, J., Suriadi, S. (eds) Information Security and Privacy. ACISP 2017. Lecture Notes in Computer Science, vol 10343. Springer, Cham. https://doi.org/10.1007/978-3-319-59870-3_28

  • DOI: https://doi.org/10.1007/978-3-319-59870-3_28

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-59869-7

  • Online ISBN: 978-3-319-59870-3

  • eBook Packages: Computer Science, Computer Science (R0)
