Twenty years later: evaluating the adoption of control flow integrity
Saved in:
| Title: | Twenty years later: evaluating the adoption of control flow integrity |
|---|---|
| Authors: | Houy, Sabine, Bartel, Alexandre |
| Source: | ACM Transactions on Software Engineering and Methodology. 34(4) |
| Subject Terms: | CFI, memory corruption vulnerabilities, mitigation techniques, software maintenance, static analysis |
| Description: | Memory corruption vulnerabilities still allow compromising computers through software written in a memory-unsafe language such as C/C++. This highlights that mitigation techniques to prevent such exploitations are not all widely deployed. In this article, we introduce SeeCFI, a tool to detect the presence of a memory corruption mitigation technique called Control Flow Integrity (CFI). We leverage SeeCFI to investigate to what extent the mitigation has been deployed in complex software systems such as Android and specific Linux distributions (Ubuntu and Debian). Our results indicate that the overall adoption of CFI (forward- and backward-edge) is increasing across Android versions (∼30% in Android 13) but remains the same low (1%) throughout different Linux versions. Our tool, SeeCFI, offers the possibility to identify which binaries in a system were compiled using the CFI option. This can be deployed by external security researchers to efficiently decide which binaries to prioritize when fixing vulnerabilities and how to fix them. Therefore, SeeCFI can help to make software systems more secure. |
| File Description: | electronic |
| Access URL: | https://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-239174 https://doi.org/10.1145/3702982 |
| Database: | SwePub |
Full Text Finder 
Nájsť tento článok vo Web of Science | Abstract: | Memory corruption vulnerabilities still allow compromising computers through software written in a memory-unsafe language such as C/C++. This highlights that mitigation techniques to prevent such exploitations are not all widely deployed. In this article, we introduce SeeCFI, a tool to detect the presence of a memory corruption mitigation technique called Control Flow Integrity (CFI). We leverage SeeCFI to investigate to what extent the mitigation has been deployed in complex software systems such as Android and specific Linux distributions (Ubuntu and Debian). Our results indicate that the overall adoption of CFI (forward- and backward-edge) is increasing across Android versions (∼30% in Android 13) but remains the same low (1%) throughout different Linux versions. Our tool, SeeCFI, offers the possibility to identify which binaries in a system were compiled using the CFI option. This can be deployed by external security researchers to efficiently decide which binaries to prioritize when fixing vulnerabilities and how to fix them. Therefore, SeeCFI can help to make software systems more secure. |
|---|---|
| ISSN: | 1049331X 15577392 |
| DOI: | 10.1145/3702982 |