Arias, Orlando ; Davi, Lucas ; Hanreich, Matthias ; Jin, Yier ; Koeberl, Patrick ; Paul, Debayan ; Sadeghi, Ahmad-Reza ; Sullivan, Dean (2015)
HAFIX: Hardware-Assisted Flow Integrity Extension (Best Paper Award).
DAC '15: The 52nd Annual Design Automation Conference 2015. San Francisco, California (07.06.2015-11.06.2015)
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of HAFIX for the Intelr Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2015 |
| Autor(en): | Arias, Orlando ; Davi, Lucas ; Hanreich, Matthias ; Jin, Yier ; Koeberl, Patrick ; Paul, Debayan ; Sadeghi, Ahmad-Reza ; Sullivan, Dean |
| Art des Eintrags: | Bibliographie |
| Titel: | HAFIX: Hardware-Assisted Flow Integrity Extension (Best Paper Award) |
| Sprache: | Englisch |
| Publikationsjahr: | Juni 2015 |
| Ort: | New York |
| Verlag: | ACM |
| Buchtitel: | 52nd Design Automation Conference (DAC) |
| Veranstaltungstitel: | DAC '15: The 52nd Annual Design Automation Conference 2015 |
| Veranstaltungsort: | San Francisco, California |
| Veranstaltungsdatum: | 07.06.2015-11.06.2015 |
| Kurzbeschreibung (Abstract): | Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of HAFIX for the Intelr Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead. |
| ID-Nummer: | TUD-CS-2015-0105 |
| Fachbereich(e)/-gebiet(e): | Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) |
| Hinterlegungsdatum: | 30 Dez 2016 21:25 |
| Letzte Änderung: | 14 Nov 2023 09:48 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum