Control flow integrity for COTS binaries 论文

摘要

Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its enforcement can defeat most injected and existing code attacks, in-cluding those based on Return-Oriented Programming (ROP). Previous implementations of CFI have required compiler support or the presence of relocation or debug information in the binary. In contrast, we present a tech-nique for applying CFI to stripped binaries on x86/Linux. Ours is the first work to apply CFI to complex shared libraries such as glibc. Through experimental evalu-ation, we demonstrate that our CFI implementation is effective against control-flow hijack attacks, and elimi-nates the vast majority of ROP gadgets. To achieve this result, we have developed robust techniques for disas-sembly, static analysis, and transformation of large bina-ries. Our techniques have been tested on over 300MB of binaries (executables and shared libraries). 1