TU Berlin

Fachgebiet Kommunikations- und BetriebssystemePublikationen

Logo Fachgebiet KBS

Inhalt des Dokuments

zur Navigation

KBS Publikationen

Protecting Legacy Code against Control Hijacking via Execution Location Equivalence Checking
Zitatschl├╝ssel Pfeffer:2016:ProtectingLegacyCode
Autor T. F. Pfeffer and S. Sydow and J. Fellmuth and P. Herber
Buchtitel 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS)
Seiten 230-241
Jahr 2016
DOI 10.1109/QRS.2016.35
Monat Aug
Zusammenfassung Current anomaly detection systems that enforce control flow integrity based on control flow graph information are not able to precisely monitor dynamic aspects of execution. Consequently, they are typically too coarse-grained to comprehensively detect modern code-reuse attacks. Even when enriched with dynamic monitoring information such as shadow stacks, the heuristics used are either too imprecise or produce many false negatives. In this paper, we present a novel approach to establish control flow integrity in multi-variant execution through execution location equivalence. The concept of execution location equivalence allows us to precisely detect execution divergence using a diversified control flow model and, consequently, to detect a broad variety of code-reuse attacks. In this way, execution of position-independent executables can be reliably rotected against a broad range of control hijacking attacks.
Download Bibtex Eintrag

Navigation

Direktzugang

Schnellnavigation zur Seite über Nummerneingabe