Title:
New Perspectives on Control-Flow Hijacking Mitigation
dc.contributor.author | Burow, Nathan | |
dc.contributor.corporatename | Georgia Institute of Technology. Institute for Information Security & Privacy | en_US |
dc.contributor.corporatename | Purdue University. Center for Education and Research in Information Assurance and Security | en_US |
dc.date.accessioned | 2018-09-28T14:52:46Z | |
dc.date.available | 2018-09-28T14:52:46Z | |
dc.date.issued | 2018-09-21 | |
dc.description | Presented on September 21, 2018 at 12:00 p.m. in the Engineered Biosystems Building, Room 1005. | en_US |
dc.description | Nathan Burow is a post-doctoral researcher at Purdue University under Dr. Mathias Payer. His research interests lie in compiler technologies to mitigate control-flow hijacking attacks. In particular, he is interested in memory safety and policies, such as CFI, that attempt to prevent exploits without preventing memory safety violations. Burow was a founding member and the first president of Purdue’s "B01lers" capture-the-flag hacking team. | en_US |
dc.description | Runtime: 43:14 minutes | en_US |
dc.description.abstract | Despite over 20 years of research, control-flow hijacking attacks remain the most significant threat to software security. Attackers exploit C/C++'s lack of memory and type safety to corrupt code pointers, thereby hijacking application control flow and redirecting it to locations of their choice. Control-flow hijacking through code-pointer corruption lies at the heart of modern code-reuse attacks such as return-oriented programming (ROP). The state-of-the-art defense against these attacks is Control-Flow Integrity (CFI), which limits attackers to a set of targets based on a static computation of the program’s control-flow graph (CFG). Computing the CFG relies on alias analysis, which is fundamentally over-approximate, leaving attackers sufficient freedom to exploit software. Further, deployed CFI implementations do not protect return instructions and so do not mitigate ROP. This talk will focus on recent advancements by me and the HexHive group at Purdue in addressing both the precision of control-flow hijacking defenses and the protection of returns. For precision, we observe that the targets of C++ virtual calls are uniquely determined by the underlying object’s class. Consequently, we introduce a new policy called Object Type Integrity (OTI) that dynamically tracks the class (type) of every object, thereby protecting virtual calls. OTI is significantly more precise than CFI on real-world applications such as browsers, allowing only one target for virtual calls as opposed to a set of up to 100. Returns are best protected by shadow stacks, which mirror the return addresses in a protected memory region. We comprehensively evaluate the design and performance of all existing shadow stack mechanisms, allowing us to identify two new shadow stack mechanisms and recommend a design for deployment. | en_US |
dc.format.extent | 43:14 minutes | |
dc.identifier.uri | http://hdl.handle.net/1853/60451 | |
dc.language.iso | en_US | en_US |
dc.publisher | Georgia Institute of Technology | en_US |
dc.relation.ispartofseries | Cybersecurity Lecture Series | |
dc.subject | Control-flow hijacking | en_US |
dc.subject | Control-flow integrity | en_US |
dc.subject | Object type integrity | en_US |
dc.subject | Shadow stacks | en_US |
dc.title | New Perspectives on Control-Flow Hijacking Mitigation | en_US |
dc.type | Moving Image | |
dc.type.genre | Lecture | |
dspace.entity.type | Publication | |
local.contributor.corporatename | School of Cybersecurity and Privacy | |
local.contributor.corporatename | College of Computing | |
local.relation.ispartofseries | Institute for Information Security & Privacy Cybersecurity Lecture Series | |
relation.isOrgUnitOfPublication | f6d1765b-8d68-42f4-97a7-fe5e2e2aefdf | |
relation.isOrgUnitOfPublication | c8892b3c-8db6-4b7b-a33a-1b67f7db2021 | |
relation.isSeriesOfPublication | 2b4a3c7a-f972-4a82-aeaa-818747ae18a7 |
Files
Original bundle
- burow.mp4 (347.26 MB, MP4 Video file): Download video
- burow_videostream.html (1.01 KB, Hypertext Markup Language): Streaming video
- transcription.txt (38.79 KB, Plain Text): Transcription
- thumbnail.jpg (193.7 KB, Joint Photographic Experts Group/JPEG File Interchange Format (JFIF)): Thumbnail
License bundle
- license.txt (3.13 KB): Item-specific license agreed upon to submission