Discussion and Conclusion

  • Lucas Davi
  • Ahmad-Reza Sadeghi
Chapter
Part of the SpringerBriefs in Computer Science book series (BRIEFSCOMPUTER)

Abstract

Modern runtime exploits perform malicious program actions based on the principle of code-reuse. These attacks require no code injection, bypass widely deployed defense mechanisms, allow Turing-complete computation, can be applied to many processor architectures, and are highly challenging to prevent.

Copyright information

© The Author(s) 2015

Authors and Affiliations

  • Lucas Davi (1)
  • Ahmad-Reza Sadeghi (1)
  1. CASED, Technische Universität Darmstadt, Darmstadt, Germany
