Analysis of defenses against code reuse attacks on modern and new architectures
Author(s)
Evans, Isaac Noah
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Hamed Okhravi and Howard Shrobe.
Abstract
Today, the most common avenue for exploitation of computer systems is a control-flow attack, in which the attacker gains direct or indirect control of the instruction pointer. To gain remote code execution, attackers then reuse legitimate fragments of code already present in the executable via techniques such as return-oriented programming or virtual-table overwrites. This project aims to answer fundamental questions about the efficacy of control-flow integrity (CFI), a defensive technique that attempts to prevent such attacks by ensuring that every control-flow transfer corresponds to the original intent of the program author. Although recovering that intent exactly is in general undecidable, most programs running on modern operating systems adhere to standard conventions that allow static analysis to infer a specification of allowable runtime behavior, which is then checked at each control transfer.

1. By examining extremely large, complex real-world programs such as web browsers, this project characterizes the fundamental limits of CFI techniques. We find that a program in which CFI is perfectly enforced can still be exploited via a novel control-flow attack.

2. We examine the potential for hardware support for CFI and other techniques via generalized tagged architectures, and explore the tradeoff between the compatibility, performance, and security guarantees of hardware-assisted policies on tagged architectures.
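As an added illustration (not code from the thesis or its authors), the following C program shows the mechanism the abstract describes: a forward-edge CFI check on an indirect call, where the hypothetical dispatch_targets set stands in for the per-call-site target set a compiler's static analysis would derive. The first scenario shows the check rejecting a pointer redirected to a function outside that set. The second shows the precision caveat behind the abstract's first finding in the simplest possible form: a redirect to another function that is inside the inferred set passes the check, so the guarantee is only as strong as the inferred target set. This is an illustration of the policy's limit, not the specific attack the thesis constructs; all names and the simulated overwrites are constructed for the example.

```c
#include <stdio.h>
#include <stddef.h>

/* Signature shared by every legitimate target of the dispatch call site. */
typedef int (*handler_t)(int);

static int handler_add_one(int x) { return x + 1; }
static int handler_double(int x)  { return x * 2; }

/* Present in the binary, but never stored into a request's on_ready slot,
 * so static analysis would exclude it from the dispatch call site's set. */
static int privileged_op(int x) { return -x; }

/* Hypothetical target set for the dispatch call site, standing in for what
 * a CFI compiler pass would compute from the program's assignments. */
static const handler_t dispatch_targets[] = { handler_add_one, handler_double };

/* Runtime CFI check: is the target in the statically inferred set? */
static int cfi_target_allowed(handler_t target) {
    for (size_t i = 0; i < sizeof dispatch_targets / sizeof dispatch_targets[0]; i++)
        if (dispatch_targets[i] == target)
            return 1;
    return 0;
}

/* Unprotected indirect call: whatever the pointer holds gets executed. */
static int dispatch_unchecked(handler_t fp, int arg) { return fp(arg); }

/* CFI-instrumented indirect call. A real deployment aborts the process on
 * a violation; here the violation is reported through *violation so the
 * outcome can be inspected. */
static int dispatch_cfi(handler_t fp, int arg, int *violation) {
    if (!cfi_target_allowed(fp)) {
        *violation = 1;
        return 0;
    }
    *violation = 0;
    return fp(arg);
}

/* Constructed object with a function pointer an attacker might corrupt. */
struct request {
    char tag[8];
    handler_t on_ready;
};

/* Scenario 1: corruption redirects on_ready to a function outside the
 * call site's target set. Returns 1 when the CFI check caught it. */
static int scenario_foreign_target(void) {
    struct request r = { "ready", handler_add_one };
    r.on_ready = privileged_op;          /* simulated memory-corruption overwrite */
    int violation;
    (void)dispatch_cfi(r.on_ready, 7, &violation);
    return violation;
}

/* Scenario 2: corruption redirects on_ready to another function that IS in
 * the target set. The check passes (*violation == 0) and the program runs
 * code the author never intended for this request. Returns the call result. */
static int scenario_within_set(int *violation) {
    struct request r = { "ready", handler_add_one };
    r.on_ready = handler_double;         /* simulated overwrite, stays inside the set */
    return dispatch_cfi(r.on_ready, 7, violation);
}

int main(void) {
    int v;
    printf("unchecked call to privileged_op(7): %d\n", dispatch_unchecked(privileged_op, 7));
    printf("foreign target caught by CFI: %s\n", scenario_foreign_target() ? "yes" : "no");
    int result = scenario_within_set(&v);
    printf("within-set redirect: violation=%d result=%d (author intended %d)\n",
           v, result, handler_add_one(7));
    return 0;
}
```

The check is only as precise as the set it consults: a coarser analysis (for example, "any address-taken function with a matching signature") enlarges dispatch_targets and with it the room an attacker has to redirect control without ever triggering a violation, which is the tradeoff the abstract's first finding is about.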
Description
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015. This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. Cataloged from student-submitted PDF version of thesis. Includes bibliographical references (pages 73-77).
Date issued
2015
Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Publisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.