TU Darmstadt / ULB / TUbiblio

HAFIX: Hardware-Assisted Flow Integrity Extension (Best Paper Award)

Arias, Orlando ; Davi, Lucas ; Hanreich, Matthias ; Jin, Yier ; Koeberl, Patrick ; Paul, Debayan ; Sadeghi, Ahmad-Reza ; Sullivan, Dean (2015)
HAFIX: Hardware-Assisted Flow Integrity Extension (Best Paper Award).
DAC '15: The 52nd Annual Design Automation Conference 2015. San Francisco, California (07.06. - 11.06.2015)
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of HAFIX for the Intelr Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2015
Autor(en): Arias, Orlando ; Davi, Lucas ; Hanreich, Matthias ; Jin, Yier ; Koeberl, Patrick ; Paul, Debayan ; Sadeghi, Ahmad-Reza ; Sullivan, Dean
Art des Eintrags: Bibliographie
Titel: HAFIX: Hardware-Assisted Flow Integrity Extension (Best Paper Award)
Sprache: Englisch
Publikationsjahr: Juni 2015
Ort: New York
Verlag: ACM
Buchtitel: 52nd Design Automation Conference (DAC)
Veranstaltungstitel: DAC '15: The 52nd Annual Design Automation Conference 2015
Veranstaltungsort: San Francisco, California
Veranstaltungsdatum: 07.06. - 11.06.2015
Kurzbeschreibung (Abstract):

Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of HAFIX for the Intelr Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead.

ID-Nummer: TUD-CS-2015-0105
Fachbereich(e)/-gebiet(e): Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
Hinterlegungsdatum: 30 Dez 2016 21:25
Letzte Änderung: 14 Nov 2023 09:48
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen