HOME > 상세정보

상세정보

Hard-wired control flow integrity

Hard-wired control flow integrity

자료유형
학위논문
개인저자
이용석 李容碩
서명 / 저자사항
Hard-wired control flow integrity / Lee, Yong Suk
발행사항
Seoul :   Graduate School, Korea University,   2019  
형태사항
vi, 56장 : 도표 ; 26 cm
기타형태 저록
Hard-Wired Control Flow Integrity   (DCOLL211009)000000084346  
학위논문주기
학위논문(박사)-- 고려대학교 대학원: 컴퓨터·전파통신공학과, 2019. 8
학과코드
0510   6YD36   366  
일반주기
지도교수: 이경호  
서지주기
참고문헌: 장 52-56
이용가능한 다른형태자료
PDF 파일로도 이용가능;   Requires PDF file reader(application/pdf)  
비통제주제어
Control Flow Integrity, Instruction Set Architecture, Software Security,,
000 00000nam c2200205 c 4500
001 000045999167
005 20191017131319
007 ta
008 190626s2019 ulkd bmAC 000c eng
040 ▼a 211009 ▼c 211009 ▼d 211009
085 0 ▼a 0510 ▼2 KDCP
090 ▼a 0510 ▼b 6YD36 ▼c 366
100 1 ▼a 이용석 ▼g 李容碩
245 1 0 ▼a Hard-wired control flow integrity / ▼d Lee, Yong Suk
246 1 1 ▼a 하드웨어에 내장된 제어 흐름 무결성
260 ▼a Seoul : ▼b Graduate School, Korea University, ▼c 2019
300 ▼a vi, 56장 : ▼b 도표 ; ▼c 26 cm
500 ▼a 지도교수: 이경호
502 1 ▼a 학위논문(박사)-- ▼b 고려대학교 대학원: ▼c 컴퓨터·전파통신공학과, ▼d 2019. 8
504 ▼a 참고문헌: 장 52-56
530 ▼a PDF 파일로도 이용가능; ▼c Requires PDF file reader(application/pdf)
653 ▼a Control Flow Integrity, Instruction Set Architecture, Software Security
776 0 ▼t Hard-Wired Control Flow Integrity ▼w (DCOLL211009)000000084346
900 1 0 ▼a Lee, Yong-suk, ▼e
900 1 0 ▼a 이경호 ▼g 李炅浩, ▼e 지도교수
945 ▼a KLPA

전자정보

No. 원문명 서비스
1
Hard-wired control flow integrity (24회 열람)
PDF 초록 목차
No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 366 등록번호 123062327 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 2 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 366 등록번호 123062328 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 3 소장처 세종학술정보원/5층 학위논문실/ 청구기호 0510 6YD36 366 등록번호 153083336 도서상태 대출가능 반납예정일 예약 서비스
No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 366 등록번호 123062327 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 2 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 366 등록번호 123062328 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 세종학술정보원/5층 학위논문실/ 청구기호 0510 6YD36 366 등록번호 153083336 도서상태 대출가능 반납예정일 예약 서비스

컨텐츠정보

초록

Ensuring that a program follows an uncompromised control flow at the machine instruction level can provide sound protection from control flow attacks that transfer a control flow to the attacker’s flow during program execution, such as code reuse attacks (CRAs). This thesis proposes incorporating the control-flow validation into the processor’s instruction execution pipeline. By introducing a mis-prediction validation unit (MVU) alongside the branch prediction unit (BPU), validating each control-flow transfer instance becomes an integral part of indirect branch instruction execution. MVU determines whether a mis-prediction from BPU is caused by a legitimate target address from a legitimate control-flow or a compromised target address from an attack. Since BPU is already validating a significant portion of the control-flow transfer instances via branch prediction, MVU introduces little performance overhead to the control-flow validation. Also, this thesis proposes an enhanced control data protection for control flow integrity, called Hard Wired Control Data Integrity (HW-CDI). HW-CDI hides the control data via encoding with a key and requires a proper decoding with the key for a correct control flow transfer. A unique aspect of HW-CDI is that this key changes in terms of not only the location but also the value of the control data. More specifically, this work describes how to incorporate the HW-CDI into the processor’s instruction pipeline so that it becomes an integral part of indirect branch instruction execution. It also provides information on how to generate the encoding/decoding keys without additional instrumented code. HW-CDI is able to differentiate control flow transfer instances, providing context-based protection at negligible performance overhead.

목차

1. Introduction 1
2. Background 6
 2.1 Control Flow Integrity and Control Data Integrity 6
3. Mis-prediction Validation Unit 10
 3.1 Code Reuse Attacks and Branch Prediction 10
 3.2 Validating Branch Mis-Prediction 12
 3.3 IBP Buffer 16
4. Discussion and Limitation of MVU 18
5. Hard-Wired Control Data Integrity(HW-CDI) 20
 5.1 Basic Approach 20
 5.2 Encoding and Decoding 23
 5.3 Key for Encoding and Decoding 26
 5.4 Instruction Pipeline 31
 5.5 Effectiveness against Control Flow Attacks 33
6. Performance Overhead 39
 6.1 Mis-Prediction Validation Unit (MVU) 39
 6.2 Hard-Wired Control Data Integrity (HW-CDI) 43
7. Discussion: Comparison with Related Works 46
8. Conclusion 50
Bibliography 52