Tommaso Frassetto (Technical University of Darmstadt), Patrick Jauernig (Technical University of Darmstadt), David Koisser (Technical University of Darmstadt), Ahmad-Reza Sadeghi (Technical University of Darmstadt)

Software vulnerabilities are one of the major threats to computer security and have caused substantial damage over the past decades. Consequently, numerous techniques have been proposed to mitigate the risk of exploitation of vulnerable programs. One of the most relevant defense mechanisms is Control-Flow Integrity (CFI): multiple variants have been introduced and extensively discussed in academia as well as deployed in the industry. However, it is hard to compare the security guarantees of these implementations as existing metrics (such as AIR) do not consider the different usefulness to the attacker of different basic blocks, which are the fundamental components that constitute the code of any application.

This paper introduces BlockInsulation and CFGInsulation, novel metrics designed to overcome this limitation by modeling the usefulness of basic blocks for an attacker trying to traverse the program’s control-flow graph. Moreover, we propose a new CFI policy generator, named NumCFI, which is orthogonal to existing policy generators and prevents the attacker from taking shortcuts from vulnerable code to a system call instruction. We evaluate NumCFI, as well as a number of other CFI policy generators, using BlockInsulation, CFGInsulation, and existing metrics. Lastly, we describe l+tCFI, our implementation that combines NumCFI and an existing label-based policy, with a performance overhead of just 1.27%.

View More Papers

NSFuzz: Towards Efficient and State-Aware Network Service Fuzzing

Shisong Qin (Tsinghua University), Fan Hu (State Key Laboratory of Mathematical Engineering and Advanced Computing), Bodong Zhao (Tsinghua University), Tingting...

Read More

Phishing awareness and education – When to best remind?

Benjamin Maximilian Berens (SECUSO, Karlsruhe Institute of Technology), Katerina Dimitrova, Mattia Mossano (SECUSO, Karlsruhe Institute of Technology), Melanie Volkamer (SECUSO,...

Read More

Shipping security at scale in the Chrome browser

Adriana Porter Felt (Director of Engineering for Chrome)

Read More

Demo #4: Recovering Autonomous Robotic Vehicles from Physical Attacks

Pritam Dash (University of British Columbia) and Karthik Pattabiraman (University of British Columbia)

Read More