Out Of Control: Overcoming Control-Flow Integrity

E.K. Goktas, E. Athanasopoulos, H.J. Bos, G. Portokalides

Research output: Chapter in Book / Report / Conference proceeding > Conference contribution > Academic > peer-review



As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attackers from exploiting our software, interest in Control Flow Integrity (CFI) is growing. In its ideal form, CFI prevents flows of control that were not intended by the original program, effectively putting a stop to exploitation based on return oriented programming (and many other attacks besides). Two main problems have prevented CFI from being deployed in practice. First, many CFI implementations require source code or debug information that is typically not available for commercial software. Second, in its ideal form, the technique is very expensive. It is for this reason that current research efforts focus on making CFI fast and practical. Specifically, much of the work on practical CFI is applicable to binaries, and improves performance by enforcing a looser notion of control flow integrity. In this paper, we examine the security implications of such looser notions of CFI: are they still able to prevent code reuse attacks, and if not, how hard is it to bypass their protection? Specifically, we show that with two new types of gadgets, return oriented programming is still possible. We assess the availability of our gadget sets, and demonstrate the practicality of these results with a practical exploit against Internet Explorer that bypasses modern CFI implementations.
Original language: English
Title of host publication: Security & Privacy - SP '14
Subtitle of host publication: Proceedings of the 2014 IEEE Symposium on Security and Privacy
Number of pages: 15
ISBN (Print): 9781479946860
Publication status: Published - 2014
Event: IEEE Security & Privacy (Oakland)
Duration: 18 May 2014 - 21 May 2014


Conference: IEEE Security & Privacy (Oakland)

