Random CFI (RCFI): Efficient Fine-Grained Control-Flow Integrity Through Random Verification
- Authors
- Park, Moon Chan; Lee, Dong Hoon
- Issue Date
- 1-5월-2021
- Publisher
- IEEE COMPUTER SOC
- Keywords
- Security; Software; Payloads; Central Processing Unit; Aerospace electronics; Runtime; Computer bugs; Control-data attack; control-flow hijacking; control-flow integrity (CFI)
- Citation
- IEEE TRANSACTIONS ON COMPUTERS, v.70, no.5, pp.733 - 745
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEEE TRANSACTIONS ON COMPUTERS
- Volume
- 70
- Number
- 5
- Start Page
- 733
- End Page
- 745
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/128062
- DOI
- 10.1109/TC.2020.2995838
- ISSN
- 0018-9340
- Abstract
- In theory, Control-Flow Integrity (CFI) is considered a principled solution against control-data attacks. However, most fine-grained CFI schemes that ensure such high security suffer from significant performance overhead. Existing practical implementations have been proposed to overcome this performance overhead problem, but they have proven unable to guarantee high security because development of these implementations has focused on only improving performance, at the expense of the security guarantee. Even though it is important for CFI schemes to provide both high security and low performance overhead, existing research on CFI is limited either by way of performance or security guarantee. We propose a new approach of verification method in fine-grained CFI to achieve these two goals. Our scheme performs selective and random verifications for certain branches rather than all branches, and thus, can reduce performance overhead. We show improved performance by evaluating our proof-of-concept implementation on SPEC CPU 2017. In addition, we also show that our scheme does not significantly sacrifice the security guarantee of fine-grained CFI by analyzing the structure of existing control-data attack exploits, which were collected from real-world exploits DB and related literature.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.