Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22–25, 2017, Proceedings

Research Article

FRProtector: Defeating Control Flow Hijacking Through Function-Level Randomization and Transfer Protection

  • @INPROCEEDINGS{10.1007/978-3-319-78813-5_34,
        author={Jianming Fu and Rui Jin and Yan Lin},
        title={FRProtector: Defeating Control Flow Hijacking Through Function-Level Randomization and Transfer Protection},
        proceedings={Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings},
        proceedings_a={SECURECOMM},
        year={2018},
        month={4},
        keywords={Control flow hijacking, Control flow protection, Function-level randomization, Code reuse attack},
        doi={10.1007/978-3-319-78813-5_34}
    }
    
  • Jianming Fu
    Rui Jin
    Yan Lin
    Year: 2018
    FRProtector: Defeating Control Flow Hijacking Through Function-Level Randomization and Transfer Protection
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-78813-5_34
Jianming Fu,*, Rui Jin,*, Yan Lin1,*
  • 1: Singapore Management University
*Contact email: jmfu@whu.edu.cn, r-jin@foxmail.com, yanlin.2016@phdis.smu.edu.sg

Abstract

Return-oriented programming (ROP) and jump-oriented programming (JOP) are the two most common control-flow hijacking attacks. Existing defenses, such as address space layout randomization (ASLR) and control flow integrity (CFI), are either bypassed by information leakage or result in high runtime overhead. In this paper, we propose FRProtector, an effective way to mitigate these two control-flow hijacking attacks. FRProtector shuffles the functions of a given program and ensures each function is executed from the entry block by comparing the unique label for it at and indirect . The unique label is generated by XORing the stack frame with the return address instead of with a random value, and it is saved in a register rather than on the stack. We implement FRProtector on LLVM 3.9 and perform extensive experiments to show that FRProtector adds on average only 2% runtime overhead and 2.2% space overhead on SPEC CPU2006 benchmark programs. Our security analysis on the RIPE benchmark confirms that FRProtector is effective in defending against control-flow hijacking attacks.