Show simple item record

dc.contributor.author
Payer, Mathias
dc.contributor.author
Barresi, Antonio
dc.contributor.author
Gross, Thomas K.R.
dc.date.accessioned
2017-10-26T14:00:48Z
dc.date.available
2017-06-11T09:44:17Z
dc.date.available
2017-10-26T14:00:48Z
dc.date.issued
2014
dc.identifier.uri
http://hdl.handle.net/20.500.11850/85396
dc.identifier.doi
10.3929/ethz-a-010171214
dc.description.abstract
Applications written in low-level languages without type or memory safety are especially prone to memory corruption. Attackers gain code execution capabilities through such applications despite all currently deployed defenses by exploiting memory corruption vulnerabilities. Control-Flow Integrity (CFI) is a promising defense mechanism that restricts open control-flow transfers to a static set of well-known locations. We present Lockdown, an approach to dynamic CFI that protects legacy, binary-only executables and libraries. Lockdown adaptively learns the control-flow graph of a running process using information from a trusted dynamic loader. The sandbox component of Lockdown restricts interactions between different shared objects to imported and exported functions by enforcing fine-grained CFI checks. Our prototype implementation shows that dynamic CFI results in low performance overhead.
en_US
dc.language.iso
en
en_US
dc.publisher
ETH-Zürich
en_US
dc.rights.uri
http://rightsstatements.org/page/InC-NC/1.0/
dc.subject
DATA SECURITY + DATA PROTECTION (OPERATING SYSTEMS)
en_US
dc.subject
SPEICHERORGANISATION + SPEICHERVERWALTUNG (BETRIEBSSYSTEME)
en_US
dc.subject
SPECIAL PROGRAMMING METHODS
en_US
dc.subject
SPEZIELLE PROGRAMMIERMETHODEN
en_US
dc.subject
STORAGE MANAGEMENT + MEMORY MANAGEMENT (OPERATING SYSTEMS)
en_US
dc.subject
DATENSICHERHEIT + DATENSCHUTZ (BETRIEBSSYSTEME)
en_US
dc.title
Lockdown
en_US
dc.type
Report
dc.rights.license
In Copyright - Non-Commercial Use Permitted
dc.date.published
2014
ethz.title.subtitle
Dynamic Control-Flow Integrity
en_US
ethz.journal.title
Technical Report Department of Computer Science
ethz.size
10 p.
en_US
ethz.code.ddc
0 - Computer science, information & general works::004 - Data processing, computer science
en_US
ethz.identifier.nebis
010171214
ethz.publication.place
Zürich
en_US
ethz.publication.status
published
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich, direkt::00012 - Lehre und Forschung, direkt::00007 - Departemente, direkt::02150 - Departement Informatik / Department of Computer Science
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich, direkt::00012 - Lehre und Forschung, direkt::00007 - Departemente, direkt::02150 - Departement Informatik / Department of Computer Science::02641 - Institut für Computersysteme / Computer Systems Institute::03422 - Gross, Thomas
en_US
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich, direkt::00012 - Lehre und Forschung, direkt::00007 - Departemente, direkt::02150 - Departement Informatik / Department of Computer Science::02641 - Institut für Computersysteme / Computer Systems Institute::03422 - Gross, Thomas
ethz.date.deposited
2017-06-11T09:44:54Z
ethz.source
ECOL
ethz.source
ECIT
ethz.identifier.importid
imp593652001e9e134565
ethz.identifier.importid
imp59366b5deb99d76265
ethz.ecolpid
eth:8714
ethz.ecitpid
pub:134521
ethz.eth
yes
en_US
ethz.availability
Open access
en_US
ethz.rosetta.installDate
2017-07-18T22:37:42Z
ethz.rosetta.lastUpdated
2017-10-26T14:00:50Z
ethz.rosetta.exportRequired
false
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=Lockdown&rft.jtitle=Technical%20Report%20Department%20of%20Computer%20Science&rft.date=2014&rft.au=Payer,%20Mathias&Barresi,%20Antonio&Gross,%20Thomas%20K.R.&rft.genre=preprint&
 Search via SFX

Files in this item

Thumbnail

Publication type

Show simple item record