TY - GEN
T1 - Taming transactions
T2 - 19th International Symposium on Research in Attacks, Intrusions, and Defenses, RAID 2016
AU - Muench, Marius
AU - Pagani, Fabio
AU - Shoshitaishvili, Yan
AU - Kruegel, Christopher
AU - Vigna, Giovanni
AU - Balzarotti, Davide
PY - 2016/1/1
Y1 - 2016/1/1
N2 - Control Flow Integrity (CFI) is a promising defense technique against code-reuse attacks. While proposals to use hardware features to support CFI already exist, there is still a growing demand for architectural CFI support on commodity hardware. To tackle this problem, in this paper we demonstrate that the Transactional Synchronization Extensions (TSX) recently introduced by Intel in the x86-64 instruction set can be used to support CFI. The main idea of our approach is to map control flow transitions into transactions. This way, violations of the intended control flow graph trigger transactional aborts, which constitutes the core of our TSX-based CFI solution. To prove the feasibility of our technique, we designed and implemented two coarse-grained CFI proof-of-concept implementations using the new TSX features. In particular, we show how hardware-supported transactions can be used to enforce both loose CFI (which does not need to extract the control flow graph in advance) and strict CFI (which requires pre-computed labels to achieve better precision). All solutions are based on compile-time instrumentation. We evaluate the effectiveness and overhead of our implementations to demonstrate that a TSX-based implementation contains useful concepts for architectural control flow integrity support.
AB - Control Flow Integrity (CFI) is a promising defense technique against code-reuse attacks. While proposals to use hardware features to support CFI already exist, there is still a growing demand for architectural CFI support on commodity hardware. To tackle this problem, in this paper we demonstrate that the Transactional Synchronization Extensions (TSX) recently introduced by Intel in the x86-64 instruction set can be used to support CFI. The main idea of our approach is to map control flow transitions into transactions. This way, violations of the intended control flow graph trigger transactional aborts, which constitutes the core of our TSX-based CFI solution. To prove the feasibility of our technique, we designed and implemented two coarse-grained CFI proof-of-concept implementations using the new TSX features. In particular, we show how hardware-supported transactions can be used to enforce both loose CFI (which does not need to extract the control flow graph in advance) and strict CFI (which requires pre-computed labels to achieve better precision). All solutions are based on compile-time instrumentation. We evaluate the effectiveness and overhead of our implementations to demonstrate that a TSX-based implementation contains useful concepts for architectural control flow integrity support.
KW - Binary hardening
KW - Control flow integrity
KW - Intel® TSX
KW - Software security
KW - Transactional memory
UR - http://www.scopus.com/inward/record.url?scp=84988624384&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84988624384&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-45719-2_2
DO - 10.1007/978-3-319-45719-2_2
M3 - Conference contribution
AN - SCOPUS:84988624384
SN - 9783319457185
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 24
EP - 48
BT - Research in Attacks, Intrusions, and Defenses - 19th International Symposium, RAID 2016, Proceedings
A2 - Dacier, Marc
A2 - Monrose, Fabian
A2 - Blanc, Gregory
A2 - Garcia-Alfaro, Joaquin
PB - Springer Verlag
Y2 - 19 September 2016 through 21 September 2016
ER -
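The abstract above describes the mechanism only in outline: an indirect control transfer is wrapped in a transaction, legitimate targets commit it, and anything else ends in a transactional abort, with the strict variant adding a pre-computed label check. The following is an added software model of that idea, written for this record and not taken from the paper or its authors' code. It emulates XBEGIN/XEND/XABORT with setjmp/longjmp so it runs on machines without RTM support; the memory rollback a real transaction performs is not modelled, and the labels, function names and abort codes are invented for the example. The caller publishes a label inside the transaction, the instrumented target compares it in its prologue and commits or aborts, and a target that never commits is flagged as a loose-CFI violation (real hardware would abort such a dangling transaction later, for instance at a system call).

```c
/* Software model of TSX-backed CFI as sketched in the abstract: every indirect
 * call runs inside a transaction, valid targets commit it, anything else aborts.
 * Added illustration, not the authors' code. XBEGIN/XEND/XABORT are emulated
 * with setjmp/longjmp so it runs without RTM hardware; transactional memory
 * rollback itself is NOT modelled. All labels, function names and abort codes
 * are invented for this example. */
#include <setjmp.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* --- emulated RTM primitives --------------------------------------------- */
static jmp_buf  tx_env;      /* fallback path of the enclosing XBEGIN */
static int      tx_active;   /* 1 between emulated XBEGIN and XEND */
static unsigned tx_status;   /* emulated abort status, like _xbegin()'s return */

/* XABORT imm8: status = explicit-abort bit | imm8 << 24, then resume at the
 * fallback path of the open transaction. */
static void tx_abort(uint8_t code) {
    tx_status = 1u | ((unsigned)code << 24);
    tx_active = 0;
    longjmp(tx_env, 1);
}

/* --- CFI instrumentation ------------------------------------------------- */
#define CFI_ABORT_LABEL    0xCF  /* strict CFI: label at target did not match */
#define CFI_ABORT_NOCOMMIT 0xA0  /* loose CFI: target never executed XEND */

static uint32_t cfi_label;   /* "label register" the caller writes inside the tx */

/* Prologue compiled into every legitimate indirect-call target (strict variant):
 * compare the caller's label with this function's own, XABORT on mismatch,
 * otherwise XEND to commit the transfer. */
static void cfi_prologue(uint32_t expected) {
    if (!tx_active)
        abort();                         /* XEND outside a tx faults; stand-in for #GP */
    if (cfi_label != expected)
        tx_abort(CFI_ABORT_LABEL);
    tx_active = 0;                       /* XEND */
}

typedef void (*handler_fn)(int);

/* Instrumented indirect call site. Returns 0 when the transfer committed,
 * otherwise the 8-bit abort code (what _XABORT_CODE(status) would yield). */
static int cfi_icall(handler_fn target, uint32_t label, int arg) {
    if (setjmp(tx_env) == 0) {           /* XBEGIN: direct path */
        tx_active = 1;
        cfi_label = label;               /* published only while the tx is open */
        target(arg);                     /* the protected indirect call */
        if (tx_active)                   /* no XEND ran: not a valid entry point */
            tx_abort(CFI_ABORT_NOCOMMIT);/* hardware would abort it later instead */
        return 0;
    }
    /* fallback path: reached only through an abort */
    return (int)((tx_status >> 24) & 0xFFu);
}

/* --- a toy dispatcher (constructed for the example) ---------------------- */
enum { LABEL_HANDLER = 0x1001, LABEL_LOGGER = 0x2002 };
static int handled_total, logged_total;

static void on_event(int x)  { cfi_prologue(LABEL_HANDLER); handled_total += x; }
static void log_event(int x) { cfi_prologue(LABEL_LOGGER);  logged_total  += x; }
/* Not a legitimate indirect target: no prologue, hence no XEND. */
static void not_a_target(int x) { (void)x; }

int main(void) {
    int r;
    r = cfi_icall(on_event, LABEL_HANDLER, 5);      /* intended edge: commits */
    printf("on_event     -> %d (handled=%d)\n", r, handled_total);
    r = cfi_icall(log_event, LABEL_HANDLER, 5);     /* pointer redirected to other function */
    printf("log_event    -> 0x%02x\n", r);          /* label mismatch */
    r = cfi_icall(not_a_target, LABEL_HANDLER, 5);  /* pointer redirected to a gadget */
    printf("not_a_target -> 0x%02x\n", r);          /* never committed */
    return 0;
}
```

The two failure cases show why the abstract distinguishes the variants: the label mismatch is caught by the strict prologue even though `log_event` is a real function entry, while the gadget without a prologue is caught only because the transaction it inherited never commits, which is all the loose variant has to work with.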