ABSTRACT
Modern code reuse attacks take full advantage of bloated software. Attackers piece together short sequences of instructions in otherwise benign code to carry out malicious actions. Mitigating these reusable code snippets, known as gadgets, has become one of the prime focuses of attack surface reduction research. While some debloating techniques remove parts of software that contain such gadgets, other methods focus on making them unusable by breaking up chains of them, thereby substantially diminishing the possibility of code reuse attacks. Third-party libraries are another main focus, because they exhibit a high number of vulnerabilities, but recently, techniques have emerged that deal with whole applications. Attack surface reduction efforts have typically tried to eliminate such attacks by subsetting (debloating) the application, e.g. via user-specified inputs, configurations, or features to achieve high gadget reductions. However, such techniques suffer from the limitations of soundness, i.e. the software might crash during no-attack executions on regular inputs, or they may be conservative and leave a large amount of attack surface untackled.
In this work we present a general, whole-program attack surface reduction technique called Decker that significantly reduces gadgets which are accessible to an attacker during an execution phase (called a deck) and has minor performance degradation. Decker requires no user inputs and leaves all features intact. It uses static analysis to determine key function sets that should be enabled/disabled at runtime. The runtime system then enables these function sets at the specified program points during execution. On SPEC CPU 2017, our framework achieves 73.2% total gadget reduction with 5.2% average slowdown. On 10 GNU coreutils applications, it achieves 87.2% reduction and negligible slowdown. On the nginx server it achieves 80.3% reduction with 2% slowdown. We also provide a gadget chain-breaking case study, including detailed JOP gadget metrics on both Linux and Windows, and show that our framework breaks the shell-spawning chain in all cases.
- Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. 2005. Control-flow integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS 2005, Alexandria, VA, USA, November 7-11, 2005, Vijay Atluri, Catherine A. Meadows, and Ari Juels (Eds.). ACM, 340–353. https://doi.org/10.1145/1102120.1102165 Google ScholarDigital Library
- S. Andersen and V. Abella. 2004. Data Execution Prevention: Changes to Functionality in Microsoft Windows XP Service Pack 2, Part 3: Memory Protection Technologies. http://technet.microsoft.com/en-us/library/bb457155.aspx Accessed: 2021 Oct 10 Google Scholar
- Julian Bangert, Sergey Bratus, Rebecca Shapiro, Michael E. Locasto, Jason Reeves, Sean W. Smith, and Anna Shubina. 2013. ELFbac: Using the Loader Format for Intent-Level Semantics and Fine-Grained Protection. Dartmouth University. https://digitalcommons.dartmouth.edu/cs_tr/345 Google Scholar
- Árpád Beszédes, Rudolf Ferenc, Tibor Gyimóthy, André Dolenc, and Konsta Karsisto. 2003. Survey of Code-size Reduction Methods. ACM Comput. Surv., 35, 3 (2003), Sept., 223–267. issn:0360-0300 https://doi.org/10.1145/937503.937504 Google ScholarDigital Library
- Tyler K. Bletsch, Xuxian Jiang, and Vincent W. Freeh. 2011. Mitigating code-reuse attacks with control-flow locking. In Twenty-Seventh Annual Computer Security Applications Conference, ACSAC 2011, Orlando, FL, USA, 5-9 December 2011, Robert H’obbes’ Zakon, John P. McDermott, and Michael E. Locasto (Eds.). ACM, 353–362. https://doi.org/10.1145/2076732.2076783 Google ScholarDigital Library
- Tyler K. Bletsch, Xuxian Jiang, Vincent W. Freeh, and Zhenkai Liang. 2011. Jump-oriented programming: a new class of code-reuse attack. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 22-24, 2011, Bruce S. N. Cheung, Lucas Chi Kwong Hui, Ravi S. Sandhu, and Duncan S. Wong (Eds.). ACM, 30–40. https://doi.org/10.1145/1966913.1966919 Google ScholarDigital Library
- Bramwell Brizendine and Austin Babcock. 2021. Pre-built JOP Chains with the JOP ROCKET: Bypassing DEP without ROP. https://i.blackhat.com/asia-21/Thursday-Handouts/as-21-Brizendine-Babcock-Prebuilt-Jop-Chains-With-The-Jop-Rocket-wp.pdf Accessed: 2022 Jun 06 Google Scholar
- Bramwell Brizendine and Austin Babcock. 2021. Shellcodeless JOP: Advanced Code-Reuse Attacks with Jump-Oriented Programming. https://files.athack.com/files/2021-12/AtHack-Advanced%20Code-Reuse%20Attacks%20Whitepaper_0.pdf?VersionId=D.HV08jcDUeclPb4FcIiC2jpOuK07GR8 Accessed: 2022 Jun 23 Google Scholar
- Michael D. Brown, Matthew Pruett, Robert Bigelow, Girish Mururu, and Santosh Pande. 2021. Not so fast: understanding and mitigating negative impacts of compiler optimizations on code reuse gadget sets. Proc. ACM Program. Lang., 5, OOPSLA (2021), 1–30. https://doi.org/10.1145/3485531 Google ScholarDigital Library
- 2020. CallGraph.h. https://github.com/llvm/llvm-project/blob/llvmorg-11.0.0/llvm/include/llvm/Analysis/CallGraph.h Accessed: 2022 Nov 9 Google Scholar
- Nicolas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross. 2015. Control-flow Bending: On the Effectiveness of Control-flow Integrity. In Proceedings of the 24th USENIX Conference on Security Symposium (SEC’15). USENIX Association, Berkeley, CA, USA. 161–176. isbn:978-1-931971-232 http://dl.acm.org/citation.cfm?id=2831143.2831154 Google Scholar
- Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy. 2010. Return-oriented programming without returns. In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4-8, 2010, Ehab Al-Shaer, Angelos D. Keromytis, and Vitaly Shmatikov (Eds.). ACM, 559–572. https://doi.org/10.1145/1866307.1866370 Google ScholarDigital Library
- Jonathan Corbet. 2022. Indirect branch tracking for Intel CPUs. https://lwn.net/Articles/889475/ Accessed: 2022 Oct 21 Google Scholar
- 2021. Coreutils - GNU core utilities. https://www.gnu.org/software/coreutils/ Accessed: 2021 Jul 27 Google Scholar
- Standard Performance Evaluation Corporation. 2021. SPEC CPU 2017. https://www.spec.org/cpu2017/ Accessed: 2021 Jul 27 Google Scholar
- John Criswell, Nathan Dautenhahn, and Vikram S. Adve. 2014. KCoFI: Complete Control-Flow Integrity for Commodity Operating System Kernels. In 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18-21, 2014. IEEE Computer Society, 292–307. https://doi.org/10.1109/SP.2014.26 Google ScholarDigital Library
- cxreet. 2021. Razor. https://github.com/cxreet/razor Accessed: 2021 Sept 30 Google Scholar
- Saumya K. Debray, William Evans, Robert Muth, and Bjorn De Sutter. 2000. Compiler Techniques for Code Compaction. ACM Trans. Program. Lang. Syst., 22, 2 (2000), March, 378–415. issn:0164-0925 https://doi.org/10.1145/349214.349233 Google ScholarDigital Library
- Ren Ding, Chenxiong Qian, Chengyu Song, William Harris, Taesoo Kim, and Wenke Lee. 2017. Efficient Protection of Path-Sensitive Control Security. In 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16-18, 2017, Engin Kirda and Thomas Ristenpart (Eds.). USENIX Association, 131–148. https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/ding Google Scholar
- Tyler Durden. 2002. Bypassing PaX ASLR protection. http://phrack.org/issues/59/9.html Accessed: 2021 Sept 14 Google Scholar
- Úlfar Erlingsson, Martín Abadi, Michael Vrable, Mihai Budiu, and George C. Necula. 2006. XFI: Software Guards for System Address Spaces. In 7th Symposium on Operating Systems Design and Implementation (OSDI ’06), November 6-8, Seattle, WA, USA, Brian N. Bershad and Jeffrey C. Mogul (Eds.). USENIX Association, 75–88. http://www.usenix.org/events/osdi06/tech/erlingsson.html Google Scholar
- Isaac Evans, Fan Long, Ulziibayar Otgonbaatar, Howard Shrobe, Martin Rinard, Hamed Okhravi, and Stelios Sidiroglou-Douskos. 2015. Control Jujutsu: On the Weaknesses of Fine-Grained Control Flow Integrity. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security (CCS ’15). ACM, New York, NY, USA. 901–913. isbn:978-1-4503-3832-5 https://doi.org/10.1145/2810103.2813646 Google ScholarDigital Library
- Dmitry Evtyushkin, Dmitry V. Ponomarev, and Nael B. Abu-Ghazaleh. 2016. Jump over ASLR: Attacking branch predictors to bypass ASLR. In 49th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2016, Taipei, Taiwan, October 15-19, 2016. IEEE Computer Society, 40:1–40:13. https://doi.org/10.1109/MICRO.2016.7783743 Google ScholarCross Ref
- Michael Franz and Thomas Kistler. 1997. Slim Binaries. Commun. ACM, 40, 12 (1997), Dec., 87–94. issn:0001-0782 https://doi.org/10.1145/265563.265576 Google ScholarDigital Library
- Xinyang Ge, Weidong Cui, and Trent Jaeger. 2017. GRIFFIN: Guarding Control Flows Using Intel Processor Trace. In Proceedings of the Twenty-Second International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2017, Xi’an, China, April 8-12, 2017, Yunji Chen, Olivier Temam, and John Carter (Eds.). ACM, 585–598. https://doi.org/10.1145/3037697.3037716 Google ScholarDigital Library
- 2021. glibc. https://www.gnu.org/software/libc/ Accessed: 2021 Oct 10 Google Scholar
- Kihong Heo, Woosuk Lee, Pardis Pashakhanloo, and Mayur Naik. 2018. Effective Program Debloating via Reinforcement Learning. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS ’18). ACM, New York, NY, USA. 380–394. isbn:978-1-4503-5693-0 https://doi.org/10.1145/3243734.3243838 Google ScholarDigital Library
- Hong Hu, Chenxiong Qian, Carter Yagemann, Simon Pak Ho Chung, William R. Harris, Taesoo Kim, and Wenke Lee. 2018. Enforcing Unique Code Target Property for Control-Flow Integrity. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS ’18). ACM, New York, NY, USA. 1470–1486. isbn:978-1-4503-5693-0 https://doi.org/10.1145/3243734.3243797 Google ScholarDigital Library
- Mustakimur Khandaker, Wenqing Liu, Abu Naser, Zhi Wang, and Jie Yang. 2019. Origin-sensitive Control Flow Integrity. In 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, August 14-16, 2019, Nadia Heninger and Patrick Traynor (Eds.). USENIX Association, 195–211. https://www.usenix.org/conference/usenixsecurity19/presentation/khandaker Google Scholar
- Mustakimur Khandaker, Abu Naser, Wenqing Liu, Zhi Wang, Yajin Zhou, and Yueqiang Cheng. 2019. Adaptive Call-Site Sensitive Control Flow Integrity. In IEEE European Symposium on Security and Privacy, EuroS&P 2019, Stockholm, Sweden, June 17-19, 2019. IEEE, 95–110. https://doi.org/10.1109/EuroSP.2019.00017 Google ScholarCross Ref
- Hyungjoon Koo, Seyedhamed Ghavamnia, and Michalis Polychronakis. 2019. Configuration-Driven Software Debloating. In Proceedings of the 12th European Workshop on Systems Security, EuroSec@EuroSys 2019, Dresden, Germany, March 25, 2019. ACM, 9:1–9:6. https://doi.org/10.1145/3301417.3312501 Google ScholarDigital Library
- Volodymyr Kuznetsov, László Szekeres, Mathias Payer, George Candea, R. Sekar, and Dawn Song. 2014. Code-pointer Integrity. In Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation (OSDI’14). USENIX Association, Berkeley, CA, USA. 147–163. isbn:978-1-931971-16-4 http://dl.acm.org/citation.cfm?id=2685048.2685061 Google ScholarDigital Library
- Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, and Dawn Song. 2015. Poster : Getting The Point(er): On the Feasibility of Attacks on Code-Pointer Integrity. Google Scholar
- Chris Lattner and Vikram S. Adve. 2004. LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. In 2nd IEEE / ACM International Symposium on Code Generation and Optimization (CGO 2004), 20-24 March 2004, San Jose, CA, USA. IEEE Computer Society, 75–88. https://doi.org/10.1109/CGO.2004.1281665 Google ScholarCross Ref
- Yuan Li, Mingzhe Wang, Chao Zhang, Xingman Chen, Songtao Yang, and Ying Liu. 2020. Finding Cracks in Shields: On the Security of Control Flow Integrity Mechanisms. In CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM, 1821–1835. https://doi.org/10.1145/3372297.3417867 Google ScholarDigital Library
- Y. Liu, P. Shi, X. Wang, H. Chen, B. Zang, and H. Guan. 2017. Transparent and Efficient CFI Enforcement with Intel Processor Trace. In 2017 IEEE International Symposium on High Performance Computer Architecture (HPCA). 529–540. issn:2378-203X https://doi.org/10.1109/HPCA.2017.18 Google ScholarCross Ref
- Microsoft. 2022. Control Flow Guard for platform security. https://learn.microsoft.com/en-us/windows/win32/secbp/control-flow-guard Accessed: 2022 Oct 21 Google Scholar
- Nick Mitchell, Edith Schonberg, and Gary Sevitsky. 2009. Making Sense of Large Heaps. In ECOOP 2009 - Object-Oriented Programming, 23rd European Conference, Genoa, Italy, July 6-10, 2009. Proceedings, Sophia Drossopoulou (Ed.) (Lecture Notes in Computer Science, Vol. 5653). Springer, 77–97. https://doi.org/10.1007/978-3-642-03013-0_5 Google ScholarDigital Library
- Nick Mitchell, Edith Schonberg, and Gary Sevitsky. 2010. Four Trends Leading to Java Runtime Bloat. IEEE Software, 27, 1 (2010), 56–63. https://doi.org/10.1109/MS.2010.7 Google ScholarDigital Library
- Nick Mitchell and Gary Sevitsky. 2007. The causes of bloat, the limits of health. In Proceedings of the 22nd Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2007, October 21-25, 2007, Montreal, Quebec, Canada, Richard P. Gabriel, David F. Bacon, Cristina Videira Lopes, and Guy L. Steele Jr. (Eds.). ACM, 245–260. https://doi.org/10.1145/1297027.1297046 Google ScholarDigital Library
- Vishwath Mohan, Per Larsen, Stefan Brunthaler, Kevin W. Hamlen, and Michael Franz. 2015. Opaque Control-Flow Integrity. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8-11, 2015. The Internet Society. https://www.ndss-symposium.org/ndss2015/opaque-control-flow-integrity Google Scholar
- Robert Muth, Saumya K. Debray, Scott Watterson, and Koen De Bosschere. 2001. Alto: A Link-time Optimizer for the Compaq Alpha. Softw. Pract. Exper., 31, 1 (2001), Jan., 67–101. issn:0038-0644 https://doi.org/10.1002/1097-024X(200101)31:1<67::AID-SPE357>3.0.CO;2-A Google ScholarCross Ref
- Nergal. 2001. The Advanced Return-into-lib(c) Exploits: PaX Case Study. Phrack Magazine. http://phrack.org/issues/58/4.html Accessed: 2021 Oct 10 Google Scholar
- 2019. nginx. https://nginx.org/ Accessed: 2021 Oct 10 Google Scholar
- Ben Niu and Gang Tan. 2014. Modular control-flow integrity. In ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI ’14, Edinburgh, United Kingdom - June 09 - 11, 2014, Michael F. P. O’Boyle and Keshav Pingali (Eds.). ACM, 577–587. https://doi.org/10.1145/2594291.2594295 Google ScholarDigital Library
- Ben Niu and Gang Tan. 2015. Per-Input Control-Flow Integrity. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015, Indrajit Ray, Ninghui Li, and Christopher Kruegel (Eds.). ACM, 914–926. https://doi.org/10.1145/2810103.2813644 Google ScholarDigital Library
- 2003. PaX Address Space Layout Randomization. https://pax.grsecurity.net/docs/aslr.txt Accessed: 2021 Oct 10 Google Scholar
- Chris Porter, Girish Mururu, Prithayan Barua, and Santosh Pande. 2020. BlankIt library debloating: getting what you want instead of cutting what you don’t. In Proceedings of the 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation, PLDI 2020, London, UK, June 15-20, 2020, Alastair F. Donaldson and Emina Torlak (Eds.). ACM, 164–180. https://doi.org/10.1145/3385412.3386017 Google ScholarDigital Library
- Chenxiong Qian, Hong Hu, Mansour Alharthi, Simon Pak Ho Chung, Taesoo Kim, and Wenke Lee. 2019. RAZOR: A Framework for Post-deployment Software Debloating. In 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, August 14-16, 2019, Nadia Heninger and Patrick Traynor (Eds.). USENIX Association, 1733–1750. https://www.usenix.org/conference/usenixsecurity19/presentation/qian Google Scholar
- Chenxiong Qian, Hyungjoon Koo, ChangSeok Oh, Taesoo Kim, and Wenke Lee. 2020. Slimium: Debloating the Chromium Browser with Feature Subsetting. In CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM, 461–476. https://doi.org/10.1145/3372297.3417866 Google ScholarDigital Library
- Anh Quach, Aravind Prakash, and Lok Yan. 2018. Debloating Software through Piece-Wise Compilation and Loading. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD. 869–886. isbn:978-1-931971-46-1 https://www.usenix.org/conference/usenixsecurity18/presentation/quach Google ScholarDigital Library
- 2018. ROPgadget v5.4. https://github.com/JonathanSalwan/ROPgadget Accessed: 2021 Oct 10 Google Scholar
- AliAkbar Sadeghi, Salman Niksefat, and Maryam Rostamipour. 2018. Pure-Call Oriented Programming (PCOP): chaining the gadgets using call instructions. J. Comput. Virol. Hacking Tech., 14, 2 (2018), 139–156. https://doi.org/10.1007/s11416-017-0299-1 Google ScholarCross Ref
- Morten Schenk. [n. d.]. Bypassing Control Flow Guard in Windows 10. h Google Scholar
- Sascha Schirra. 2021. Ropper. https://github.com/sashs/ropper Accessed: 2021 Sept 10 Google Scholar
- Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, and Thorsten Holz. 2015. Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications. In 2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, May 17-21, 2015. IEEE Computer Society, 745–762. https://doi.org/10.1109/SP.2015.51 Google ScholarDigital Library
- Hovav Shacham. 2007. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, Virginia, USA, October 28-31, 2007, Peng Ning, Sabrina De Capitani di Vimercati, and Paul F. Syverson (Eds.). ACM, 552–561. isbn:978-1-59593-703-2 https://doi.org/10.1145/1315245.1315313 Google ScholarDigital Library
- Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh. 2004. On the effectiveness of address-space randomization. In Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, Washington, DC, USA, October 25-29, 2004, Vijayalakshmi Atluri, Birgit Pfitzmann, and Patrick D. McDaniel (Eds.). ACM, 298–307. https://doi.org/10.1145/1030083.1030124 Google ScholarDigital Library
- Vedvyas Shanbhogue, Deepak Gupta, and Ravi Sahita. 2019. Security Analysis of Processor Instruction Set Architecture for Enforcing Control-Flow Integrity. In Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy (HASP ’19). Association for Computing Machinery, New York, NY, USA. Article 8, 11 pages. isbn:9781450372268 https://doi.org/10.1145/3337167.3337175 Google ScholarDigital Library
- Hashim Sharif, Muhammad Abubakar, Ashish Gehani, and Fareed Zaffar. 2018. TRIMMER: application specialization for code debloating. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, ASE 2018, Montpellier, France, September 3-7, 2018, Marianne Huchard, Christian Kästner, and Gordon Fraser (Eds.). ACM, 329–339. https://doi.org/10.1145/3238147.3238160 Google ScholarDigital Library
- Kevin Z. Snow, Fabian Monrose, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, and Ahmad-Reza Sadeghi. 2013. Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP ’13). IEEE Computer Society, Washington, DC, USA. 574–588. isbn:978-0-7695-4977-4 https://doi.org/10.1109/SP.2013.45 Google ScholarDigital Library
- César Soto-Valero, Thomas Durieux, Nicolas Harrand, and Benoit Baudry. 2022. Coverage-Based Debloating for Java Bytecode. ACM Trans. Softw. Eng. Methodol., jun, issn:1049-331X https://doi.org/10.1145/3546948 Just Accepted Google ScholarDigital Library
- Bing Sun, Jin Liu, and Chong Xu. 2019. How to Survive the Hardware-assisted Control-flow Integrity Enforcement. https://i.blackhat.com/asia-19/Thu-March-28/bh-asia-Sun-How-to-Survive-the-Hardware-Assisted-Control-Flow-Integrity-Enforcement.pdf Accessed: 2022 Jun 06 Google Scholar
- Vijay Sundaresan, Laurie Hendren, Chrislain Razafimahefa, Raja Vallée-Rai, Patrick Lam, Etienne Gagnon, and Charles Godin. 2000. Practical Virtual Method Call Resolution for Java. In Proceedings of the 15th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA ’00). Association for Computing Machinery, New York, NY, USA. 264–280. isbn:158113200X https://doi.org/10.1145/353171.353189 Google ScholarDigital Library
- Jack Tang. 2015. Exploring Control Flow Guard in Windows 10. Trend Micro. https://documents.trendmicro.com/assets/wp/exploring-control-flow-guard-in-windows10.pdf Google Scholar
- Sam Thomas. [n. d.]. Object Oriented Exploitation: New techniques in Windows mitigation bypass. h Google Scholar
- Minh Tran, Mark Etheridge, Tyler Bletsch, Xuxian Jiang, Vincent Freeh, and Peng Ning. 2011. On the Expressiveness of Return-into-libc Attacks. In Recent Advances in Intrusion Detection, Robin Sommer, Davide Balzarotti, and Gregor Maier (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 121–141. isbn:978-3-642-23644-0 Google Scholar
- Victor van der Veen, Dennis Andriesse, Enes Göktas, Ben Gras, Lionel Sambuc, Asia Slowinska, Herbert Bos, and Cristiano Giuffrida. 2015. Practical Context-Sensitive CFI. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015, Indrajit Ray, Ninghui Li, and Christopher Kruegel (Eds.). ACM, 927–940. https://doi.org/10.1145/2810103.2813673 Google ScholarDigital Library
- Victor van der Veen, Enes Göktas, Moritz Contag, Andre Pawoloski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, and Cristiano Giuffrida. 2016. A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level. In IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22-26, 2016. IEEE Computer Society, 934–953. https://doi.org/10.1109/SP.2016.60 Google ScholarCross Ref
- W3Techs. 2021. Usage statistics of web servers. https://w3techs.com/technologies/overview/web_server Accessed: 2021 Oct 10 Google Scholar
- Danny Wei, Lywang, and FlowerCode. 2016. Return Flow Guard. https://xlab.tencent.com/en/2016/11/02/return-flow-guard/ Accessed: 2022 Oct 21 Google Scholar
- Guoqing Xu and Atanas Rountev. 2010. Detecting Inefficiently-used Containers to Avoid Bloat. In Proceedings of the 31st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’10). ACM, New York, NY, USA. 160–173. isbn:978-1-4503-0019-3 https://doi.org/10.1145/1806596.1806616 Google ScholarDigital Library
- Guoqing (Harry) Xu. 2012. Finding reusable data structures. In Proceedings of the 27th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2012, part of SPLASH 2012, Tucson, AZ, USA, October 21-25, 2012, Gary T. Leavens and Matthew B. Dwyer (Eds.). ACM, 1017–1034. https://doi.org/10.1145/2384616.2384690 Google ScholarDigital Library
- Guoqing (Harry) Xu, Nick Mitchell, Matthew Arnold, Atanas Rountev, Edith Schonberg, and Gary Sevitsky. 2010. Finding low-utility data structures. In Proceedings of the 2010 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2010, Toronto, Ontario, Canada, June 5-10, 2010, Benjamin G. Zorn and Alexander Aiken (Eds.). ACM, 174–186. https://doi.org/10.1145/1806596.1806617 Google ScholarDigital Library
- Guoqing (Harry) Xu, Nick Mitchell, Matthew Arnold, Atanas Rountev, and Gary Sevitsky. 2010. Software bloat analysis: finding, removing, and preventing performance problems in modern large-scale object-oriented applications. In Proceedings of the Workshop on Future of Software Engineering Research, FoSER 2010, at the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2010, Santa Fe, NM, USA, November 7-11, 2010, Gruia-Catalin Roman and Kevin J. Sullivan (Eds.). ACM, 421–426. https://doi.org/10.1145/1882362.1882448 Google ScholarDigital Library
- Zhang Yunha. [n. d.]. Bypass Control Flow Guard Comprehensively. h Google Scholar
- Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Laszlo Szekeres, Stephen McCamant, Dawn Song, and Wei Zou. 2013. Practical Control Flow Integrity and Randomization for Binary Executables. In 2013 IEEE Symposium on Security and Privacy, SP 2013, Berkeley, CA, USA, May 19-22, 2013. IEEE Computer Society, 559–573. https://doi.org/10.1109/SP.2013.44 Google ScholarDigital Library
- Mingwei Zhang and R. Sekar. 2013. Control Flow Integrity for COTS Binaries. In Proceedings of the 22Nd USENIX Conference on Security (SEC’13). USENIX Association, Berkeley, CA, USA. 337–352. isbn:978-1-931971-03-4 http://dl.acm.org/citation.cfm?id=2534766.2534796 Google Scholar
Index Terms
- Decker: Attack Surface Reduction via On-Demand Code Mapping
Recommendations
A dynamic detective method against ROP attack on ARM platform
SEES '12: Proceedings of the Second International Workshop on Software Engineering for Embedded Systemswith the popularity of embedded devices, especially smart phones, a growing attention has been paid to their programs' security. Many viruses on PC platforms migrated to embedded device have brought new threats to the security of the embedded platform. ...
BlankIt library debloating: getting what you want instead of cutting what you don’t
PLDI 2020: Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and ImplementationModern software systems make extensive use of libraries derived from C and C++. Because of the lack of memory safety in these languages, however, the libraries may suffer from vulnerabilities, which can expose the applications to potential attacks. For ...
Comments