HOME > Detail View

Detail View

Hard-wired control flow integrity

Hard-wired control flow integrity

Material type
학위논문
Personal Author
이용석 李容碩
Title Statement
Hard-wired control flow integrity / Lee, Yong Suk
Publication, Distribution, etc
Seoul :   Graduate School, Korea University,   2019  
Physical Medium
vi, 56장 : 도표 ; 26 cm
기타형태 저록
Hard-Wired Control Flow Integrity   (DCOLL211009)000000084346  
학위논문주기
학위논문(박사)-- 고려대학교 대학원: 컴퓨터·전파통신공학과, 2019. 8
학과코드
0510   6YD36   366  
General Note
지도교수: 이경호  
Bibliography, Etc. Note
참고문헌: 장 52-56
이용가능한 다른형태자료
PDF 파일로도 이용가능;   Requires PDF file reader(application/pdf)  
비통제주제어
Control Flow Integrity, Instruction Set Architecture, Software Security,,
000 00000nam c2200205 c 4500
001 000045999167
005 20191017131319
007 ta
008 190626s2019 ulkd bmAC 000c eng
040 ▼a 211009 ▼c 211009 ▼d 211009
085 0 ▼a 0510 ▼2 KDCP
090 ▼a 0510 ▼b 6YD36 ▼c 366
100 1 ▼a 이용석 ▼g 李容碩
245 1 0 ▼a Hard-wired control flow integrity / ▼d Lee, Yong Suk
246 1 1 ▼a 하드웨어에 내장된 제어 흐름 무결성
260 ▼a Seoul : ▼b Graduate School, Korea University, ▼c 2019
300 ▼a vi, 56장 : ▼b 도표 ; ▼c 26 cm
500 ▼a 지도교수: 이경호
502 1 ▼a 학위논문(박사)-- ▼b 고려대학교 대학원: ▼c 컴퓨터·전파통신공학과, ▼d 2019. 8
504 ▼a 참고문헌: 장 52-56
530 ▼a PDF 파일로도 이용가능; ▼c Requires PDF file reader(application/pdf)
653 ▼a Control Flow Integrity, Instruction Set Architecture, Software Security
776 0 ▼t Hard-Wired Control Flow Integrity ▼w (DCOLL211009)000000084346
900 1 0 ▼a Lee, Yong-suk, ▼e
900 1 0 ▼a 이경호 ▼g 李炅浩, ▼e 지도교수
945 ▼a KLPA

Electronic Information

No. Title Service
1
Hard-wired control flow integrity (24회 열람)
View PDF Abstract Table of Contents
No. Location Call Number Accession No. Availability Due Date Make a Reservation Service
No. 1 Location Science & Engineering Library/Stacks(Thesis)/ Call Number 0510 6YD36 366 Accession No. 123062327 Availability Available Due Date Make a Reservation Service B M
No. 2 Location Science & Engineering Library/Stacks(Thesis)/ Call Number 0510 6YD36 366 Accession No. 123062328 Availability Available Due Date Make a Reservation Service B M
No. 3 Location Sejong Academic Information Center/Thesis(5F)/ Call Number 0510 6YD36 366 Accession No. 153083336 Availability Available Due Date Make a Reservation Service M
No. Location Call Number Accession No. Availability Due Date Make a Reservation Service
No. 1 Location Science & Engineering Library/Stacks(Thesis)/ Call Number 0510 6YD36 366 Accession No. 123062327 Availability Available Due Date Make a Reservation Service B M
No. 2 Location Science & Engineering Library/Stacks(Thesis)/ Call Number 0510 6YD36 366 Accession No. 123062328 Availability Available Due Date Make a Reservation Service B M
No. Location Call Number Accession No. Availability Due Date Make a Reservation Service
No. 1 Location Sejong Academic Information Center/Thesis(5F)/ Call Number 0510 6YD36 366 Accession No. 153083336 Availability Available Due Date Make a Reservation Service M

Contents information

Abstract

Ensuring that a program follows an uncompromised control flow at the machine instruction level can provide sound protection from control flow attacks that transfer a control flow to the attacker’s flow during program execution, such as code reuse attacks (CRAs). This thesis proposes incorporating the control-flow validation into the processor’s instruction execution pipeline. By introducing a mis-prediction validation unit (MVU) alongside the branch prediction unit (BPU), validating each control-flow transfer instance becomes an integral part of indirect branch instruction execution. MVU determines whether a mis-prediction from BPU is caused by a legitimate target address from a legitimate control-flow or a compromised target address from an attack. Since BPU is already validating a significant portion of the control-flow transfer instances via branch prediction, MVU introduces little performance overhead to the control-flow validation. Also, this thesis proposes an enhanced control data protection for control flow integrity, called Hard Wired Control Data Integrity (HW-CDI). HW-CDI hides the control data via encoding with a key and requires a proper decoding with the key for a correct control flow transfer. A unique aspect of HW-CDI is that this key changes in terms of not only the location but also the value of the control data. More specifically, this work describes how to incorporate the HW-CDI into the processor’s instruction pipeline so that it becomes an integral part of indirect branch instruction execution. It also provides information on how to generate the encoding/decoding keys without additional instrumented code. HW-CDI is able to differentiate control flow transfer instances, providing context-based protection at negligible performance overhead.

Table of Contents

1. Introduction 1
2. Background 6
 2.1 Control Flow Integrity and Control Data Integrity 6
3. Mis-prediction Validation Unit 10
 3.1 Code Reuse Attacks and Branch Prediction 10
 3.2 Validating Branch Mis-Prediction 12
 3.3 IBP Buffer 16
4. Discussion and Limitation of MVU 18
5. Hard-Wired Control Data Integrity(HW-CDI) 20
 5.1 Basic Approach 20
 5.2 Encoding and Decoding 23
 5.3 Key for Encoding and Decoding 26
 5.4 Instruction Pipeline 31
 5.5 Effectiveness against Control Flow Attacks 33
6. Performance Overhead 39
 6.1 Mis-Prediction Validation Unit (MVU) 39
 6.2 Hard-Wired Control Data Integrity (HW-CDI) 43
7. Discussion: Comparison with Related Works 46
8. Conclusion 50
Bibliography 52