Computer Science ›› 2019, Vol. 46 ›› Issue (11A): 417-420, 432.

• Information Security •

Fine-grained Control Flow Integrity Method on Binaries

SIDIKE Pa-erhatijiang, MA Jian-feng, SUN Cong

1. School of Cyber Engineering, Xidian University, Xi'an 710071, China
Online: 2019-11-10  Published: 2019-11-20

Abstract: Control flow integrity (CFI) is a security technology that prevents control flow hijacking attacks. Most existing CFI solutions implement only coarse-grained control flow integrity due to the performance overhead. This paper presents a fine-grained control flow integrity protection scheme on binaries called Bincon. Bincon extracts control flow information from the target binary by static analysis. Checking code is implanted at the places where control flow transfers, and the validity of each control flow transfer is judged against the static analysis data. For indirect function calls, the target binary is analyzed in depth, and the function prototype and the call-site signature are reconstructed from the state of the parameter registers and the function return value register. Call sites are mapped to type-compatible functions, which reduces the number of valid targets of each indirect call site. Compared with the compiler-based scheme Picon, the experimental results show that the proposed scheme significantly reduces the time overhead while limiting the precision loss incurred by working without the source code.
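As an added illustration of the call-site signature idea in the abstract (example code written for this page, not Bincon's own implementation, which instruments binaries rather than source), the block below models a call-site signature as the number of live parameter registers plus whether the return-value register is consumed, keeps a statically extracted table of address-taken functions with their reconstructed prototypes, and inserts an inlined monitor that admits an indirect-call target only when it is a known function whose prototype is compatible with the call site. The signature encoding, the table layout and the sample functions are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Call-site signature as a binary-level analysis might reconstruct it
   (assumption made for this example): how many parameter registers are live
   at the call site and whether the return-value register is consumed after it. */
typedef struct {
    unsigned nargs;
    int      uses_ret;
} signature_t;

/* One entry of the statically extracted target table: a function's address
   and the prototype reconstructed for it. */
typedef struct {
    uintptr_t   addr;
    signature_t sig;
} target_t;

/* Sample functions standing in for the binary's code (constructed). */
int  add_one(int x)    { return x + 1; }
int  mul_two(int x)    { return x * 2; }
int  sum(int a, int b) { return a + b; }
void log_tick(void)    { puts("tick"); }

/* Static analysis output: every address-taken function with its prototype. */
static const target_t targets[] = {
    { (uintptr_t)add_one,  { 1, 1 } },
    { (uintptr_t)mul_two,  { 1, 1 } },
    { (uintptr_t)sum,      { 2, 1 } },
    { (uintptr_t)log_tick, { 0, 0 } },
};
#define NTARGETS (sizeof targets / sizeof targets[0])

static unsigned long cfi_violations; /* number of rejected transfers */

/* Inlined execution monitor for an indirect call: the target must be a known
   function and its prototype must match the call-site signature. */
int cfi_check(uintptr_t target, signature_t site) {
    for (size_t i = 0; i < NTARGETS; i++) {
        if (targets[i].addr != target)
            continue;
        return targets[i].sig.nargs == site.nargs &&
               targets[i].sig.uses_ret == site.uses_ret;
    }
    return 0; /* address not in the table: never a valid target */
}

/* Size of the valid-target set for a call-site signature; the smaller it is,
   the finer the policy enforced at that site. */
size_t valid_target_count(signature_t site) {
    size_t n = 0;
    for (size_t i = 0; i < NTARGETS; i++)
        if (targets[i].sig.nargs == site.nargs &&
            targets[i].sig.uses_ret == site.uses_ret)
            n++;
    return n;
}

/* Guarded indirect call for a site shaped like int (*)(int). On a violation
   the call is not made and 0 is returned; a real monitor would abort instead. */
int guarded_call_int_int(int (*fn)(int), int arg) {
    const signature_t site = { 1, 1 };
    if (!cfi_check((uintptr_t)fn, site)) {
        cfi_violations++;
        return 0;
    }
    return fn(arg);
}

unsigned long cfi_violation_count(void) { return cfi_violations; }

int main(void) {
    printf("add_one(4) -> %d\n", guarded_call_int_int(add_one, 4));
    /* A target whose prototype does not fit the call site is rejected. */
    guarded_call_int_int((int (*)(int))sum, 4);
    printf("violations: %lu\n", cfi_violation_count());
    return 0;
}
```

The point of `valid_target_count` is the metric the abstract refers to: with only address-taken-ness as the criterion every entry in the table is a valid target, whereas matching the signature leaves two candidates for an `int (*)(int)` site and one for the others.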

Key words: Control flow integrity, Static analysis, Binary instrumentation, Inlined execution monitor, Call-site signature

CLC Number: TP309
References:
[1] ABADI M, BUDIU M, ERLINGSSON U, et al. Control-flow integrity[C]∥Proceedings of the 12th ACM Conference on Computer and Communications Security. ACM, 2005: 340-353.
[2] GE X, TALELE N, PAYER M, et al. Fine-grained control-flow integrity for kernel software[C]∥2016 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 2016: 179-194.
[3] BUROW N, CARR S A, NASH J, et al. Control-flow integrity: Precision, security, and performance[J]. ACM Computing Surveys (CSUR), 2017, 50(1): 16-55.
[4] NAKAYAMA T, MISONO M, SHINAGAWA T. High-performance and Secure Just-in-time Compiler Protection (preliminary version)[J]. Bulletin of Networking, Computing, Systems, and Software, 2018, 7(1): 59-65.
[5] NIU B, TAN G. Per-input control-flow integrity[C]∥Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015: 914-926.
[6] MASHTIZADEH A J, BITTAU A, MAZIERES D, et al. Cryptographically enforced control flow integrity[J]. arXiv:1408.1451, 2014.
[7] BOUNOV D, KICI R G, LERNER S. Protecting C++ Dynamic Dispatch Through VTable Interleaving[C]∥NDSS. 2016.
[8] ELSABAGH M, FLECK D, STAVROU A. Strict Virtual Call Integrity Checking for C++ Binaries[C]∥Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. ACM, 2017: 140-154.
[9] VEEN V V D, ANDRIESSE D, GÖKTAŞ E, et al. Practical context-sensitive CFI[C]∥Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015: 927-940.
[10] YAMADA K, SHANMUGAVELAYUTHAM P, KONDA S. Techniques for enforcing control flow integrity using binary translation: U.S. Patent Application 15/430,652[P]. 2017-11-02.
[11] TICE C, ROEDER T, COLLINGBOURNE P, et al. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM[C]∥USENIX Security Symposium. 2014: 941-955.
[12] BLACK R J, BURRELL T W, DE CASTRO M O T, et al. Control flow integrity enforcement at scale: U.S. Patent Application 13/450,487[P]. 2013-10-24.
[13] DAVI L, SADEGHI A R, WINANDY M. ROPdefender: A detection tool to defend against return-oriented programming attacks[C]∥Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security. ACM, 2011: 40-51.
[14] COUDRAY T, FONTAINE A, CHIFFLIER P. Picon: Control Flow Integrity on LLVM IR[C]∥Symposium on Security of Information and Communications Technology (SSTIC). 2015.
[15] BERNAT A R, MILLER B P. Anywhere, any-time binary instrumentation[C]∥Proceedings of the 10th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools. ACM, 2011: 9-16.
[17] ZHANG M, SEKAR R. Control Flow Integrity for COTS Binaries[C]∥Proceedings of the 22nd USENIX Security Symposium. USENIX, 2013: 337-352.