首页 > 其他 > 详细

论文阅读总结 Control-Flow Bending: On the Effectiveness of Control-Flow Integrity

时间:2017-02-17 15:02:38      阅读:202      评论:0      收藏:0      [点我收藏+]

Title: Control-Flow Bending:On the Effectiveness of Control-Flow Integrity

Author: N Carlini, A BarresiM PayerD Wagner, TR Gross

Publish: USENIX Security, 2015 

------------------------------------------------------------

摘要部分(原文):

Control-Flow Integrity (CFI) is a defense which prevents control-flow hijacking attacks. While recent research has shown that coarse-grained CFI does not stop attacks, fine-grained CFI is believed to be secure. 

We argue that assessing the effectiveness of practical CFI implementations is non-trivial and that common evaluation metrics fail to do so. We then evaluate fullyprecise static CFI — the most restrictive CFI policy that does not break functionality — and reveal limitations in its security. Using a generalization of non-control-data attacks which we call Control-Flow Bending (CFB), we show how an attacker can leverage a memory corruption vulnerability to achieve Turing-complete computation on memory using just calls to the standard library. We use this attack technique to evaluate fully-precise static CFI on six real binaries and show that in five out of six cases, powerful attacks are still possible. Our results suggest that CFI may not be a reliable defense against memory corruption vulnerabilities.

We further evaluate shadow stacks in combination with CFI and find that their presence for security is necessary: deploying shadow stacks removes arbitrary code execution capabilities of attackers in three of six cases.

 

------------------------------------------------------------

 

 个人总结:

针对于内存保护三大方法的局限性:

  1.ASLR:does not protect against information leakage

  2.DEP:DEP protects against code injection but not against code reuse

  3.stack canaries:protect only against contiguous overwrites of the stack

 

 

 

 

 

论文阅读总结 Control-Flow Bending: On the Effectiveness of Control-Flow Integrity

原文:http://www.cnblogs.com/lzhdcyy/p/6409723.html

(0)
(0)
   
举报
评论 一句话评论(0
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!