Mitigating Code-Reuse Attacks on CISC Architectures in a Hardware Approach - ICT Systems Security and Privacy Protection
Conference Papers Year : 2015

Mitigating Code-Reuse Attacks on CISC Architectures in a Hardware Approach

Zhijiao Zhang
  • Function : Author
  • PersonId : 986179
Yashuai Lü
  • Function : Author
  • PersonId : 986180
Yu Chen
  • Function : Author
  • PersonId : 986181
Yongqiang Lü
  • Function : Author
  • PersonId : 986182
Yuanchun Shi
  • Function : Author
  • PersonId : 986183

Abstract

Recently, code-reuse attack (CRA) is becoming the most prevalent attack vector which reuses fragments of existing code to make up malicious code. Recent studies show that CRAs especially jump-oriented programming (JOP) attacks are hard and costly to detect and protect from, especially on CISC processors. One reason for this is that the instructions of CISC architecture are of variable-length, and lots of unintended but legal instructions can be exploited by starting from in the middle of a legal instruction. This feature of CISC architectures makes the finding of so called gadgets for CRAs is much easier than that of RISC architectures. Most of previous studies for mitigating CRA on CISC processors rely on software-only means to tackle the unintended instruction problem, which makes their approaches either very costly or can only be applied under restricted conditions. In this paper, we propose two hardware supported techniques. The first, which is the main contribution of this paper, is to eliminate the execution of an unintended instruction. This technique only requires a few modifications to the processor and operating system. Furthermore, the proposed mechanism has little performance impact on the examined SPEC CPU 2006 benchmarks (-0.093% ~2.993%). Second, we propose using hardware control-flow locking as a complementary technique to our protection mechanism. By using the two techniques together, an attacker will have little chance to carry out CRAs on a CISC processor.
Fichier principal
Vignette du fichier
337885_1_En_29_Chapter.pdf (621.14 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01345134 , version 1 (13-07-2016)

Licence

Identifiers

Cite

Zhijiao Zhang, Yashuai Lü, Yu Chen, Yongqiang Lü, Yuanchun Shi. Mitigating Code-Reuse Attacks on CISC Architectures in a Hardware Approach. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.431-445, ⟨10.1007/978-3-319-18467-8_29⟩. ⟨hal-01345134⟩
82 View
182 Download

Altmetric

Share

More