Novel techniques in recovering, embedding, and enforcing policies for control-flow integrity / Yan Lin.
2021
QA76.9.A25
Formats
| Format | |
|---|---|
| BibTeX | |
| MARCXML | |
| TextMARC | |
| MARC | |
| DublinCore | |
| EndNote | |
| NLM | |
| RefWorks | |
| RIS |
Cite
Citation
Linked e-resources
Linked Resource
Concurrent users
Unlimited
Authorized users
Authorized users
Document Delivery Supplied
Can lend chapters, not whole ebooks
Details
Title
Novel techniques in recovering, embedding, and enforcing policies for control-flow integrity / Yan Lin.
Author
ISBN
9783030731410 (electronic bk.)
3030731413 (electronic bk.)
3030731405
9783030731403
3030731413 (electronic bk.)
3030731405
9783030731403
Published
Cham, Switzerland : Springer, [2021]
Language
English
Description
1 online resource (xiii, 95 pages) : illustrations.
Item Number
10.1007/978-3-030-73141-0 doi
Call Number
QA76.9.A25
Dewey Decimal Classification
005.8
Summary
Control-Flow Integrity (CFI) is an attractive security property with which most injected and code-reuse attacks can be defeated, including advanced attacking techniques like return-oriented programming. CFI extracts a control-flow graph (CFG) for a given program, with checks inserted before indirect branch instructions. Before executed during runtime, the checks consult the CFG to ensure that the indirect branch is allowed to reach the intended target. Hence, any sort of control-flow hijacking can be prevented. This concise volume proposes novel solutions to handle the fundamental components of CFI enforcement: accurately recovering the policy (CFG); embedding the CFI policy securely; and efficiently enforcing the CFI policy. Addressing the first component, the book systematically studies two methods that recover CFI policy based on function signature matching at the binary level, then offers a unique rule- and heuristic-based mechanism to more accurately recover function signature. To embed CFI policy securely, the book advocates a new platform that encodes the policy into the machine instructions directly without relying on consulting any read-only data structure. Finally, the work prescribes a mature dynamic-code-optimization platform called DynamoRIO to enforce the policy when needed. Key features: Provides deep understanding of Control-Flow Integrity Offers new insights on the relationship between function signature and compiler optimization Demonstrates how CFI can be more efficient than Data Execution Prevention This focused, distinctive volume will appeal to researchers, scientists, lecturers, as well as postgraduates with a background in binary analysis. Libraries, practitioners, and professionals will also benefit, depending on their missions and programs. Yan Lin is at the School of Computing and Information Systems, Singapore Management University. Her extensive foundational studies have focused on the area of cybersecurity, and her current research focuses on software security and system security.
Bibliography, etc. Note
Includes bibliographical references.
Access Note
Access limited to authorized users.
Source of Description
Online resource; title from PDF title page (SpringerLink, viewed May 10, 2021).
Series
Information security and cryptography.
Available in Other Form
Print version: 9783030731403
Linked Resources
Record Appears in
Table of Contents
Introduction
Literature Review
When Function Signature Recovery Meets Compiler Optimization
Control-Flow Carrying Code
Control-Flow Integrity Enforcement with Dynamic Code Optimization
Conclusion.
Literature Review
When Function Signature Recovery Meets Compiler Optimization
Control-Flow Carrying Code
Control-Flow Integrity Enforcement with Dynamic Code Optimization
Conclusion.