Arias, Orlando ; Davi, Lucas ; Hanreich, Matthias ; Jin, Yier ; Koeberl, Patrick ; Paul, Debayan ; Sadeghi, Ahmad-Reza ; Sullivan, Dean (2015):
HAFIX: Hardware-Assisted Flow Integrity Extension.
In: 52nd Design Automation Conference (DAC),
[Conference or Workshop Item]
Abstract
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of \hwcfi\ for the Intel Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead.
| Item Type: | Conference or Workshop Item |
|---|---|
| Erschienen: | 2015 |
| Creators: | Arias, Orlando ; Davi, Lucas ; Hanreich, Matthias ; Jin, Yier ; Koeberl, Patrick ; Paul, Debayan ; Sadeghi, Ahmad-Reza ; Sullivan, Dean |
| Title: | HAFIX: Hardware-Assisted Flow Integrity Extension |
| Language: | German |
| Abstract: | Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of \hwcfi\ for the Intel Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead. |
| Book Title: | 52nd Design Automation Conference (DAC) |
| Uncontrolled Keywords: | ICRI-SC;Secure Things; Solutions; S2 |
| Divisions: | 20 Department of Computer Science 20 Department of Computer Science > System Security Lab DFG-Collaborative Research Centres (incl. Transregio) DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres Profile Areas Profile Areas > Cybersecurity (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments |
| Date Deposited: | 04 Aug 2016 10:13 |
| Identification Number: | TUD-CS-2015-0039 |
| PPN: | |
| Corresponding Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Send an inquiry |
Options (only for editors)
 |
Show editorial Details |
Drucken
Impressum