2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

Abstract

Hardware-Assisted Flow Integrity extension (HAFIX) was proposed as a defense against code-reuse attacks that exploit backward edges (returns). HAFIX provides fine-grained protection by confining return addresses to only target call sites in functions active on the call stack. We study whether the backward-edge policy in HAFIX is sufficient to prevent code-reuse exploits on real-world programs. In this paper, we present three general attacks that exploit weaknesses in HAFIX and demonstrate that these attacks are effective in case studies examining the Nginx web server, the Exim mail server, and PHP. We then propose improvements to HAFIX we believe will improve its effectiveness against code-reuse attacks.
