Strict Virtual Call Integrity Checking for C++ Binaries

Cited by: 8
Authors
Elsabagh, Mohamed [1 ]
Fleck, Dan [1 ]
Stavrou, Angelos [1 ]
Affiliations
[1] George Mason Univ, Dept Comp Sci, Fairfax, VA 22030 USA
Source
PROCEEDINGS OF THE 2017 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (ASIA CCS'17) | 2017
Funding
National Science Foundation (USA);
Keywords
Virtual table attacks; C++; Control flow integrity; Type-call pairing; Static binary analysis;
DOI
10.1145/3052973.3052976
Chinese Library Classification (CLC) number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
Modern operating systems are equipped with defenses that render legacy code injection attacks inoperable. However, attackers can bypass these defenses by crafting attacks that reuse existing code in a program's memory. One of the most common classes of attacks manipulates memory data used indirectly to execute code, such as function pointers. This is especially prevalent in C++ programs, since tables of function pointers (vtables) are used by all major compilers to support polymorphism. In this paper, we propose VCI, a binary rewriting system that secures C++ binaries against vtable attacks. VCI works directly on stripped binary files. It identifies and reconstructs various C++ semantics from the binary, and constructs a strict C++ policy by resolving and pairing virtual function calls (vcalls) with precise sets of target classes. The policy is enforced by instrumenting checks into the binary at vcall sites. Experimental results on SPEC CPU2006 and Firefox show that VCI is significantly more precise than state-of-the-art binary solutions. Testing against the ground truth from the source-based defense GCC VTV, VCI achieved greater than 69% precision in most cases, accounting for at least 48% to 99% additional reduction in the attack surface compared to the state-of-the-art binary defenses. VCI incurs a 7.79% average runtime overhead, which is comparable to the state-of-the-art. In addition, we discuss how VCI defends against real-world attacks, and how it impacts advanced vtable reuse attacks such as COOP.
Pages: 140 / 154
Page count: 15