Utilization of Intel Processor Trace Hardware for Efficient Context-sensitive Control-Flow Integrity (Korean title: Efficient Context-Based Control-Flow Integrity Detection Using Intel Processor Trace Hardware)

Authors

김경민

Advisor
백윤흥
Major
College of Engineering, Department of Electrical and Computer Engineering
Issue Date
2016-08
Publisher
Seoul National University Graduate School
Keywords
code reuse attack; control-flow integrity; Intel Processor Trace
Description
Thesis (Master's) -- Seoul National University Graduate School: Department of Electrical and Computer Engineering, 2016. 8. 백윤흥.
Abstract
There have been quite a few security methods, like data-execution prevention, which prohibit attackers from injecting their own code into memory and executing it as if they were loading and starting a regular program. The emergence of various protection mechanisms for memory and illegal code modification has forced attackers to look for other ways for better chances, by fabricating code reuse attacks, where an attack is carried out by carefully stitching together various snippets of code that are part of what's already loaded into the executable regions of memory. However, code reuse attacks are by nature very intrusive to the control flow, so enforcing control-flow integrity policies would greatly improve the system's security against code reuse attacks. However, early forms of control-flow integrity usually determined the validity of control flow solely based on whether a certain branch event has a corresponding single edge in the control-flow graph of the program, which provided adequately broad windows for attackers to bypass such security mechanisms. Attackers were still capable of constructing real-world examples of code reuse attacks by chaining gadgets of code using only control transfer operations within the given control-flow graph. Consequently, there have been claims that accompanying control-flow integrity with context sensitivity would vastly improve the precision of security mechanisms against code reuse attacks, but real-world applications of context-sensitive control-flow integrity mostly turned out to be either unforgivably inefficient or to compromise on crucial requirements. Our implementation of context-sensitive control-flow integrity is focused on solving the previous issues by utilizing the recent Intel Processor Trace (PT) hardware. By using hardware that stores branch history in a packetized form almost in real time, our implementation was shown to enforce context-sensitive control-flow integrity with a much higher precision and comparably low overhead.
Language
English
URI
https://hdl.handle.net/10371/122821