CFI(Control Flow Integration)

基本知识

控制流攻击

• Return-into-libc,
• Return-Oriented Programming(ROP)

  防御机制

• Data Execution Prevention(DEP)
• Address Space Layout Randomization(ALSR):ASLR存在随机化程度低的问题，攻击者往往可以暴力破解ASLR
• Control Flow Integrity(CFI)：CFI通过禁止非法的控制流转移来实现对控制流劫持攻击的防御

硬件支持

• Intel Processor Tracing
  • Specification:Intel® Architecture Instruction Set Extensions Programming Reference as Chapter 11
  • Processor Trace Decoder Library Intel Skylake 处理器

相关论文

• Seminar: Control Flow Integrity based Security
• GangTan：
• SJTU
  • [HPCA] Yutao Liu, Peitao Shi, Xinran Wang, Haibo Chen, Binyu Zang and Haibing Guan. Transparent and Efficient CFI Enforcement with Intel Processor Trace. The 23rd IEEE Symposium on High Performance Computer Architecture, Austin, TX, USA, Feb 2017.
• ChaoZhang：VTrust