"Single-stepping on branches" is a processor hardware feature of the x86/Intel architecture. When it is enabled, the processor generates a single-step debug exception only after instructions that cause a branch. This mechanism allows a debugger to single-step on control transfers caused by branches. What does this imply for defenses against control-flow hijacking attacks (e.g. ROP or JOP)?
Showing posts with label CFI. Show all posts
Monday, January 26, 2015
Sunday, November 16, 2014
Latest researching status of ROP/JOP attacks and defenses
Control-flow hijacking, such as ROP, has become a hot topic in recent years, ever since DEP (W^X enforcement) and SMEP were introduced in processor hardware. Based on the papers that I have read recently, this post gives a brief (though incomplete) introduction to the recent state of research on control-flow attacks and defenses.
Wednesday, October 22, 2014
Control Flow Integrity (CFI)
Traditionally, arbitrary malicious code execution (e.g. caused by buffer overflow, or stack or heap manipulation) has been one of the major threats in computer security.
But because many hardware-enforced security features have been introduced in recent processors (see, for example, my previous post), attackers are starting to explore other advanced techniques.