Binary code continent: Finer-grained control flow integrity for stripped binaries

Minghua Wang, Heng Yin, Abhishek Vasisht Bhaskar, Purui Su, Dengguo Feng

Research output: Chapter in Book/Entry/PoemConference contribution

35 Scopus citations


Control Flow Integrity (CFI) is an effective technique to mitigate threats such as code-injection and code-reuse attacks in programs by protecting indirect transfers. For stripped binaries, a CFI policy has to be made conservatively due to the lack of source code level semantics. Existing binary-only CFI solutions such as BinCFI and CCFIR demonstrate the ability to protect stripped binaries, but the policies they apply are too permissive, allowing sophisticated code-reuse attacks. In this paper, we propose a new binary-only CFI protection scheme called BinCC, which applies static binary rewriting to provide finer-grained protection for x86 stripped ELF binaries. Through code duplication and static analysis, we divide the binary code into several mutually exclusive code continents. We further classify each indirect transfer within a code continent as either an Intra-Continent transfer or an Inter-Continent transfer, and apply separate, strict CFI polices to constrain these transfers. To evaluate BinCC, we introduce new metrics to estimate the average amount of legitimate targets of each kind of indirect transfer as well as the difficulty to leverage call preceded gadgets to generate ROP exploits. Compared to the state of the art binary-only CFI, BinCFI, the experimental results show that BinCC significantly reduces the legitimate transfer targets by 81.34% and increases the difficulty for adversaries to bypass CFI restriction to launch sophisticated ROP attacks. Also, BinCC achieves a reasonable performance, around 14% of the space overhead decrease and only 4% runtime overhead increase as compared to BinCFI.

Original languageEnglish (US)
Title of host publicationProceedings - 31st Annual Computer Security Applications Conference, ACSAC 2015
PublisherAssociation for Computing Machinery
Number of pages10
ISBN (Electronic)9781450336826
StatePublished - Dec 7 2015
Event31st Annual Computer Security Applications Conference, ACSAC 2015 - Los Angeles, United States
Duration: Dec 7 2015Dec 11 2015

Publication series

NameACM International Conference Proceeding Series


Other31st Annual Computer Security Applications Conference, ACSAC 2015
Country/TerritoryUnited States
CityLos Angeles


  • Control flow integrity

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications


Dive into the research topics of 'Binary code continent: Finer-grained control flow integrity for stripped binaries'. Together they form a unique fingerprint.

Cite this