Utilization of Intel Processor Trace Hardware for Efficient Context-sensitive Control-Flow Integrity (Korean title: Efficient Context-Based Control-Flow Integrity Detection Using Intel Processor Trace Hardware)
DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | 백윤흥 | - |
dc.contributor.author | 김경민 | - |
dc.date.accessioned | 2017-07-14T02:43:03Z | - |
dc.date.available | 2017-07-14T02:43:03Z | - |
dc.date.issued | 2016-08 | - |
dc.identifier.other | 000000136466 | - |
dc.identifier.uri | https://hdl.handle.net/10371/122821 | - |
dc.description | Thesis (Master's) -- Seoul National University Graduate School : Department of Electrical and Computer Engineering, 2016. 8. 백윤흥. | - |
dc.description.abstract | There have been quite a few security methods like data-execution prevention, which prohibit attackers from injecting their own code into the memory and executing it as if they were loading and starting a regular program. The emergence of various protection mechanisms for memory and illegal code modification has forced attackers to look for other ways for better chances, by fabricating code reuse attacks, where an attack is done by carefully stitching together various snippets of code that are parts of what's already loaded onto the executable regions of memory. However, code reuse attacks are by nature very intrusive to the control flow, so enforcing control-flow integrity policies would greatly improve the system's security against code reuse attacks. However, early forms of control-flow integrity usually determined validity of control flow solely based on whether a certain branch event has a corresponding single edge in the control-flow graph of the program, which provided adequately broad windows for attackers to bypass such security mechanisms. Attackers were still capable of constructing real-world examples of code reuse attacks by chaining gadgets of code only with control transfer operations within the given control-flow graph. Consequently, there have been claims that accompanying context-sensitiveness with control-flow integrity would vastly improve precision of security mechanisms against code reuse attacks, but real-world application of context-sensitive control-flow integrity mostly turned out to be either unforgivably inefficient or making compromises with crucial requirements. Our implementation of context-sensitive control-flow integrity is focused on solving the previous issues by utilizing the recent Intel Processor Trace (PT) hardware. By using hardware that stores branch history in a packetized form almost in real time, our implementation was shown to enforce context-sensitive control-flow integrity with a much higher precision and comparably low overhead. | - |
dc.description.tableofcontents | INTRODUCTION; BACKGROUND AND ASSUMPTIONS; Background; Intel Hardware Debugging Features; Control Flow Integrity; Assumptions; SYSTEM OVERVIEW; Loadable Kernel Module; Kernel Modification; Path Verifier; IMPLEMENTATION; Branch History Collector; Original Implementation of Perf; Regulating the Target Process and Verification Initiation; Other Optimizations in Perf; Path Verifier; Loadable Kernel Module; Program Analyzer; Runtime Validator; EXPERIMENTAL RESULTS; RELATED WORK; CONCLUSION; REFERENCES; Abstract in Korean | - |
dc.format | application/pdf | - |
dc.format.extent | 870105 bytes | - |
dc.format.medium | application/pdf | - |
dc.language.iso | en | - |
dc.publisher | Seoul National University Graduate School | - |
dc.subject | code reuse attack | - |
dc.subject | control-flow integrity | - |
dc.subject | intel processor trace | - |
dc.subject.ddc | 621 | - |
dc.title | Utilization of Intel Processor Trace Hardware for Efficient Context-sensitive Control-Flow Integrity | - |
dc.title.alternative | Efficient Context-Based Control-Flow Integrity Detection Using Intel Processor Trace Hardware | - |
dc.type | Thesis | - |
dc.description.degree | Master | - |
dc.citation.pages | 53 | - |
dc.contributor.affiliation | College of Engineering, Department of Electrical and Computer Engineering | - |
dc.date.awarded | 2016-08 | - |
Items in S-Space are protected by copyright, with all rights reserved, unless otherwise indicated.