direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Page Content

Publications of KBS

Protecting Legacy Code against Control Hijacking via Execution Location Equivalence Checking
Citation key Pfeffer:2016:ProtectingLegacyCode
Author T. F. Pfeffer and S. Sydow and J. Fellmuth and P. Herber
Title of Book 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS)
Pages 230-241
Year 2016
DOI 10.1109/QRS.2016.35
Month Aug
Abstract Current anomaly detection systems that enforce control flow integrity based on control flow graph information are not able to precisely monitor dynamic aspects of execution. Consequently, they are typically too coarse-grained to comprehensively detect modern code-reuse attacks. Even when enriched with dynamic monitoring information such as shadow stacks, the heuristics used are either too imprecise or produce many false negatives. In this paper, we present a novel approach to establish control flow integrity in multi-variant execution through execution location equivalence. The concept of execution location equivalence allows us to precisely detect execution divergence using a diversified control flow model and, consequently, to detect a broad variety of code-reuse attacks. In this way, execution of position-independent executables can be reliably rotected against a broad range of control hijacking attacks.
Download Bibtex entry

Zusatzinformationen / Extras

Quick Access:

Schnellnavigation zur Seite über Nummerneingabe

Auxiliary Functions