论文信息 - Study of How to Obtain Control Flow Invariant

Study of How to Obtain Control Flow Invariant

The traditional control flow integrity usually takes dynamic control transfer as the measurement object. And it means that the attacker can subvert software by modifying the obvious victim. To overcome it, a novel concept, called as control flow invariant, is presented in this paper. Control structure invariant is a certain law followed by software run. Not limited to dynamic control transfer, control structure invariant have more forms, thus supporting more types of control flow integrity measure. In order to find more control structure invariant, we proposes to use hardware to capture the trace information of software running, and analyze it to mine the control structure invariant. We give a case study that a system on Intel PMC is introduced to show the reasonableness of our solution.

Hongwei Zhou | Keda Kang | Jinhui Yuan

[1] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.

[2] Xuxian Jiang,et al. Defeating Dynamic Data Kernel Rootkit Attacks via VMM-Based Guest-Transparent Monitoring , 2009, 2009 International Conference on Availability, Reliability and Security.

[3] Mihai Budiu,et al. Control-flow integrity principles, implementations, and applications , 2009, TSEC.

[4] Xuxian Jiang,et al. Mitigating code-reuse attacks with control-flow locking , 2011, ACSAC '11.

[5] Jinhui Yuan,et al. BeCFI: detecting hidden control flow with performance monitoring counters , 2016, Int. J. High Perform. Comput. Netw..

[6] Fabrice Bellard,et al. QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX ATC, FREENIX Track.

[7] Xin Wu,et al. HDROP: Detecting ROP Attacks Using Performance Monitoring Counters , 2014, ISPEC.