AUTHOR(S): Yongsuk Lee, Gyungho Lee
TITLE: An Empirical Study on the Characteristics of Program Control Flow Data
ABSTRACT: The control flow described in a program dictates its behavior. For software behavior to be dependable and trustworthy, it is critical to secure the program control flow data. Software faults and attacks cause unwanted control flow transfers during program execution via compromised control flow data. However, there are surprisingly few studies on the characteristics of program control flow data. To represent a program's control flow, one needs information on the source and the destination of each control transfer instance, preferably also the path taken to reach the source. Since these together identify each control transfer instance uniquely, they can be considered a program behavior signature. This paper reports how many unique sources and destinations appear in execution profiles. The profiled execution traces show that the number of unique control flow transfer instances is surprisingly low, which suggests that confining the program control flow to the set of observed unique control flow transfers is feasible in practice. With such control flow confinement, software behavior stays within its expected scope and unexpected misbehavior is avoided, leading to a more dependable and secure environment for IoT (Internet of Things) and CPS (Cyber-Physical Systems).
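To make the abstract's idea concrete, here is an added Python example (not the paper's own code or data) that builds the set of unique control transfer instances, keyed by source, destination and call-stack path, from constructed profiling traces, reports the unique-count statistics the paper discusses, and flags transfers in a monitored trace that fall outside the profiled set. The trace format, function names and addresses are constructed assumptions.

```python
# Added example: profile-based control-flow confinement.
# A control transfer instance is keyed by (path, source, destination), where
# "path" is the call-stack context at the time of the transfer. With
# with_path=False the key degrades to (source, destination) only, which shows
# why the path matters. All traces below are constructed sample data.

# Constructed profiling runs: each event is (call_stack, source, destination).
PROFILE_RUNS = [
    [(("main",), "main+0x10", "parse"),
     (("main", "parse"), "parse+0x20", "handler_a"),
     (("main", "parse"), "parse+0x30", "ret_main"),
     (("main",), "main+0x40", "exit")],
    [(("main",), "main+0x10", "parse"),
     (("main", "parse"), "parse+0x20", "handler_b"),
     (("main", "parse"), "parse+0x30", "ret_main"),
     (("main",), "main+0x40", "exit")],
]


def _key(stack, src, dst, with_path):
    """Behavior-signature key for one transfer instance."""
    return (stack, src, dst) if with_path else (src, dst)


def build_signature_set(runs, with_path=True):
    """Collect the unique transfer instances seen across all profiling runs."""
    return {_key(s, src, dst, with_path) for run in runs for s, src, dst in run}


def transfer_stats(runs):
    """Total transfers versus unique sources, destinations and full instances."""
    sigs = build_signature_set(runs, with_path=True)
    return {
        "total": sum(len(run) for run in runs),
        "unique_sources": len({src for _, src, _ in sigs}),
        "unique_destinations": len({dst for _, _, dst in sigs}),
        "unique_instances": len(sigs),
    }


def check_trace(trace, sigs, with_path=True):
    """Return the transfers in a monitored trace that are outside the profiled set."""
    return [(s, src, dst) for s, src, dst in trace
            if _key(s, src, dst, with_path) not in sigs]
```

A transfer whose source and destination were both profiled but whose call-stack context was not is caught only when the path is part of the key.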
KEYWORDS: Control Flow Graph, Dependability, Indirect Branch, Software Security
Cite this paper: Yongsuk Lee, Gyungho Lee. (2017) An Empirical Study on the Characteristics of Program Control Flow Data. International Journal of Computers, 2, 21-27