Control-Flow Bending - On the Effectiveness of Control-Flow Integrity
Offered By: USENIX via YouTube
Course Description
Overview
Explore a conference talk from USENIX Security '15 that examines the effectiveness of Control-Flow Integrity (CFI) as a defense against control-flow hijacking attacks. Delve into the research conducted by experts from the University of California, Berkeley, ETH Zürich, and Purdue University as they challenge common evaluation metrics and reveal limitations in fully-precise static CFI security. Learn about Control-Flow Bending (CFB), a generalization of non-control-data attacks, and its implications for achieving Turing-complete computation using standard library calls. Analyze the evaluation results of CFI on six real binaries and understand why CFI may not be a reliable defense against memory corruption vulnerabilities. Additionally, examine the role of shadow stacks in combination with CFI and their impact on enhancing security measures.
Syllabus
Intro
Background
Control-Flow Integrity
Shadow Stacks
Prior Work: Weak CFI is broken
Return to Libc: Challenges
Dispatcher Functions
Evaluation (part 1)
Evaluation (part 2)
Printf-Oriented Programming
Conclusion
Questions?
Taught by
USENIX
Related Courses
Enforcing Unique Code Target Property for Control-Flow IntegrityAssociation for Computing Machinery (ACM) via YouTube Current Status of RISC-V Security Mechanisms - Nick Kossifidis, FORTH
TheIACR via YouTube Two-Faces of WASM Security
Security BSides San Francisco via YouTube Taking Kernel Hardening to the Next Level
Black Hat via YouTube The Power of Data-Oriented Attacks - Bypassing Memory Mitigation Using Data-Only Exploitation Techniques
Black Hat via YouTube