Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

SoK: Runtime Integrity

Mahmoud Ammar, Adam Caulfield, Ivan De Oliveira Nunes

TL;DR

Through a comprehensive review of existing defenses, this paper positions CFI and CFA within the broader landscape of runtime defenses, critically evaluating their strengths, limitations, and trade-offs.

Abstract

This paper provides a systematic exploration of Control Flow Integrity (CFI) and Control Flow Attestation (CFA) mechanisms, examining their differences and relationships. It addresses crucial questions about the goals, assumptions, features, and design spaces of CFI and CFA, including their potential coexistence on the same platform. Through a comprehensive review of existing defenses, this paper positions CFI and CFA within the broader landscape of runtime defenses, critically evaluating their strengths, limitations, and trade-offs. The findings emphasize the importance of further research to bridge the gaps in CFI and CFA and thus advance the field of runtime defenses.

SoK: Runtime Integrity

TL;DR

Through a comprehensive review of existing defenses, this paper positions CFI and CFA within the broader landscape of runtime defenses, critically evaluating their strengths, limitations, and trade-offs.

Abstract

This paper provides a systematic exploration of Control Flow Integrity (CFI) and Control Flow Attestation (CFA) mechanisms, examining their differences and relationships. It addresses crucial questions about the goals, assumptions, features, and design spaces of CFI and CFA, including their potential coexistence on the same platform. Through a comprehensive review of existing defenses, this paper positions CFI and CFA within the broader landscape of runtime defenses, critically evaluating their strengths, limitations, and trade-offs. The findings emphasize the importance of further research to bridge the gaps in CFI and CFA and thus advance the field of runtime defenses.
Paper Structure (30 sections, 5 figures, 1 table)

This paper contains 30 sections, 5 figures, 1 table.

Table of Contents

  1. Introduction
  2. Motivation & Intended Contributions
  3. Literature Selection Criteria
  4. Scope & Related Systematizations
  5. A Lightning Tour
  6. Code Reuse Attack Background
  7. Runtime Defenses
  8. CFI & CFA: Definitions & Threat models
  9. Control Flow Integrity (CFI)
  10. Control Flow Attestation (CFA)
  11. CFI/CFA Coverage
  12. CFI/CFA Threat Models & Assumptions
  13. Design Space
  14. Different Objectives
  15. Action Mechanisms
  16. ...and 15 more sections

Figures (5)

  • Figure 1: Classes of memory corruption-based attacks to software integrity.
  • Figure 2: Control flow hijacking vs. Data-only attacks on a CFG.
  • Figure 3: A high-level overview of defenses against memory corruption-based attacks with a focus on runtime defenses (expanded based on eternal-war and nyman2020toward).
  • Figure 4: Typical CFA Interaction
  • Figure 5: Design Factors of CFI/CFA and Related Consequences