Fastcfi: Real-Time Control Flow Integrity Using Fpga Without Code Instrumentation
RUNTIME VERIFICATION, RV 2019(2019)
摘要
Control Flow Integrity (CFI) is an effective defense technique against a variety of memory-based cyber attacks. CFI is usually enforced through software methods, which entail considerable performance overhead. Hardware-based CFI techniques can largely avoid performance overhead, but typically rely on code instrumentation, which forms a non-trivial hurdle to the application ofCFI. We develop FastCFI, anFPGAbasedCFI system that can perform fine-grained and stateful checking without code instrumentation. We also propose an automated Verilog generation technique that facilitates fast deployment of FastCFI. Experiments on popular benchmarks confirm that FastCFI can detect fine-grained CFI violations over unmodified binaries. The measurement results show an average of 0.36% performance overhead on SPEC 2006 benchmarks.
更多查看译文
关键词
Control-flow integrity, field-programmable gate array, security
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络