Binary code continent: Finer-grained control flow integrity for stripped binaries

Minghua Wang, Heng Yin, Abhishek Vasisht Bhaskar, Purui Su, Dengguo Feng

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Scopus citations

Abstract

Control Flow Integrity (CFI) is an effective technique to mitigate threats such as code-injection and code-reuse attacks in programs by protecting indirect transfers. For stripped binaries, a CFI policy has to be made conservatively due to the lack of source code level semantics. Existing binary-only CFI solutions such as BinCFI and CCFIR demonstrate the ability to protect stripped binaries, but the policies they apply are too permissive, allowing sophisticated code-reuse attacks. In this paper, we propose a new binary-only CFI protection scheme called BinCC, which applies static binary rewriting to provide finer-grained protection for x86 stripped ELF binaries. Through code duplication and static analysis, we divide the binary code into several mutually exclusive code continents. We further classify each indirect transfer within a code continent as either an Intra-Continent transfer or an Inter-Continent transfer, and apply separate, strict CFI polices to constrain these transfers. To evaluate BinCC, we introduce new metrics to estimate the average amount of legitimate targets of each kind of indirect transfer as well as the difficulty to leverage call preceded gadgets to generate ROP exploits. Compared to the state of the art binary-only CFI, BinCFI, the experimental results show that BinCC significantly reduces the legitimate transfer targets by 81.34% and increases the difficulty for adversaries to bypass CFI restriction to launch sophisticated ROP attacks. Also, BinCC achieves a reasonable performance, around 14% of the space overhead decrease and only 4% runtime overhead increase as compared to BinCFI.

Original languageEnglish (US)
Title of host publicationACM International Conference Proceeding Series
PublisherAssociation for Computing Machinery
Pages331-340
Number of pages10
Volume7-11-December-2015
ISBN (Print)9781450336826
DOIs
StatePublished - Dec 7 2015
Event31st Annual Computer Security Applications Conference, ACSAC 2015 - Los Angeles, United States
Duration: Dec 7 2015Dec 11 2015

Other

Other31st Annual Computer Security Applications Conference, ACSAC 2015
CountryUnited States
CityLos Angeles
Period12/7/1512/11/15

Keywords

  • Control flow integrity

ASJC Scopus subject areas

  • Human-Computer Interaction
  • Computer Networks and Communications
  • Computer Vision and Pattern Recognition
  • Software

Fingerprint Dive into the research topics of 'Binary code continent: Finer-grained control flow integrity for stripped binaries'. Together they form a unique fingerprint.

  • Cite this

    Wang, M., Yin, H., Bhaskar, A. V., Su, P., & Feng, D. (2015). Binary code continent: Finer-grained control flow integrity for stripped binaries. In ACM International Conference Proceeding Series (Vol. 7-11-December-2015, pp. 331-340). Association for Computing Machinery. https://doi.org/10.1145/2818000.2818017