Protecting function pointers in binary

Chao Zhang; Tao Wei; Zhaofeng Chen; Lei Duan; Stephen McCamant; Laszlo Szekeres

doi:10.1145/2484313.2484376

Protecting function pointers in binary

Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Stephen McCamant, Laszlo Szekeres

Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Scopus citations

Abstract

Function pointers have recently become an important attack vector for control-flow hijacking attacks. However, no protection mechanisms for function pointers have yet seen wide adoption. Methods proposed in the literature have high overheads, are not compatible with existing development process, or both. In this paper, we investigate several protection methods and propose a new method called FPGate (i.e., Function Pointer Gate). FPGate rewrites x86 binary executables and implements a novel method to overcome compatibility issues. All these protection methods are then evaluated and compared from the perspectives of performance and ease of deployment. Experiments show that FPGate achieves a good balance between performance, robustness and compatibility.

Original language	English (US)
Title of host publication	ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security
Pages	487-492
Number of pages	6
DOIs	https://doi.org/10.1145/2484313.2484376
State	Published - 2013
Event	8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013 - Hangzhou, China Duration: May 8 2013 → May 10 2013

Publication series

Name	ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security

Other

Other	8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013
Country/Territory	China
City	Hangzhou
Period	5/8/13 → 5/10/13

Keywords

binary rewriting
function pointer protection

Publisher link

10.1145/2484313.2484376

Find It

Find It at U of M Libraries

Cite this

Zhang, C., Wei, T., Chen, Z., Duan, L., McCamant, S., & Szekeres, L. (2013). Protecting function pointers in binary. In ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security (pp. 487-492). (ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security). https://doi.org/10.1145/2484313.2484376

Protecting function pointers in binary. / Zhang, Chao; Wei, Tao; Chen, Zhaofeng et al.
ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. 2013. p. 487-492 (ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Zhang, C, Wei, T, Chen, Z, Duan, L, McCamant, S & Szekeres, L 2013, Protecting function pointers in binary. in ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 487-492, 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013, Hangzhou, China, 5/8/13. https://doi.org/10.1145/2484313.2484376

Zhang C, Wei T, Chen Z, Duan L, McCamant S, Szekeres L. Protecting function pointers in binary. In ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. 2013. p. 487-492. (ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security). doi: 10.1145/2484313.2484376

@inproceedings{7baa8ef4dcbc474bb09ef92145c1601e,

title = "Protecting function pointers in binary",

abstract = "Function pointers have recently become an important attack vector for control-flow hijacking attacks. However, no protection mechanisms for function pointers have yet seen wide adoption. Methods proposed in the literature have high overheads, are not compatible with existing development process, or both. In this paper, we investigate several protection methods and propose a new method called FPGate (i.e., Function Pointer Gate). FPGate rewrites x86 binary executables and implements a novel method to overcome compatibility issues. All these protection methods are then evaluated and compared from the perspectives of performance and ease of deployment. Experiments show that FPGate achieves a good balance between performance, robustness and compatibility.",

keywords = "binary rewriting, function pointer protection",

author = "Chao Zhang and Tao Wei and Zhaofeng Chen and Lei Duan and Stephen McCamant and Laszlo Szekeres",

year = "2013",

doi = "10.1145/2484313.2484376",

language = "English (US)",

isbn = "9781450317672",

series = "ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security",

pages = "487--492",

booktitle = "ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security",

note = "8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013 ; Conference date: 08-05-2013 Through 10-05-2013",

}

TY - GEN

T1 - Protecting function pointers in binary

AU - Zhang, Chao

AU - Wei, Tao

AU - Chen, Zhaofeng

AU - Duan, Lei

AU - McCamant, Stephen

AU - Szekeres, Laszlo

PY - 2013

Y1 - 2013

N2 - Function pointers have recently become an important attack vector for control-flow hijacking attacks. However, no protection mechanisms for function pointers have yet seen wide adoption. Methods proposed in the literature have high overheads, are not compatible with existing development process, or both. In this paper, we investigate several protection methods and propose a new method called FPGate (i.e., Function Pointer Gate). FPGate rewrites x86 binary executables and implements a novel method to overcome compatibility issues. All these protection methods are then evaluated and compared from the perspectives of performance and ease of deployment. Experiments show that FPGate achieves a good balance between performance, robustness and compatibility.

AB - Function pointers have recently become an important attack vector for control-flow hijacking attacks. However, no protection mechanisms for function pointers have yet seen wide adoption. Methods proposed in the literature have high overheads, are not compatible with existing development process, or both. In this paper, we investigate several protection methods and propose a new method called FPGate (i.e., Function Pointer Gate). FPGate rewrites x86 binary executables and implements a novel method to overcome compatibility issues. All these protection methods are then evaluated and compared from the perspectives of performance and ease of deployment. Experiments show that FPGate achieves a good balance between performance, robustness and compatibility.

KW - binary rewriting

KW - function pointer protection

UR - https://www.scopus.com/pages/publications/84877975195

UR - https://www.scopus.com/inward/citedby.url?scp=84877975195&partnerID=8YFLogxK

U2 - 10.1145/2484313.2484376

DO - 10.1145/2484313.2484376

M3 - Conference contribution

AN - SCOPUS:84877975195

SN - 9781450317672

T3 - ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security

SP - 487

EP - 492

BT - ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security

T2 - 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013

Y2 - 8 May 2013 through 10 May 2013

ER -

Protecting function pointers in binary

Abstract

Publication series

Other

Keywords

Publisher link

Find It

Other files and links

Fingerprint

Cite this