Proconda – Protected Control Data

09/09/2019 ∙ by Marie-Therese Walter, et al. ∙ 0

Memory corruption vulnerabilities often enable attackers to take control of a target system by overwriting control-flow relevant data (such as return addresses and function pointers), which are potentially stored in close proximity of related, typically user-controlled data on the stack. In this paper, we propose ProConDa, a general approach for protecting control-flow relevant data on the stack ProConDa leverages hardware features to enforce a strict separation between control-flow relevant and regular data of programs written in non-memory-safe languages such as C. Contrary to related approaches, ProConDa does not rely on information hiding and is therefore not susceptible to several recent attacks specifically targeting information hiding as a foundation for memory isolation. We show that ProConDa enforcement is compatible with existing software by applying a software-based prototype to industry benchmarks on an ARM CPU running Linux.



There are no comments yet.


page 1

page 2

page 3

page 4

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.