CFCI: Strong Code Integrity for COTS Binaries
Introduction
Despite decades of sustained effort, memory corruption attacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers, as they provide ultimate control -- the ability to execute arbitrary low-level code. Attackers have shown time and again their ability to overcome widely deployed countermeasures such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) by crafting Return-Oriented Programming (ROP) attacks. Although Turing-complete ROP attacks have been demonstrated in research papers, real-world ROP payloads have had a more limited objective: disabling DEP so that injected native code attacks can be carried out. In this project, we have developed a systematic defense, called Control Flow and Code Integrity (CFCI), that makes injected native code attacks impossible. CFCI achieves this without sacrificing compatibility with existing software, without the need to replace system programs such as the dynamic loader, and without a significant performance penalty.
Status
CFCI is alpha software. It is provided for research and evaluation purposes only.
Download
Available soon as a VirtualBox VM shipped under the GPL: cfci-vbox-v1.0.tar.gz.