A survey of Hardware-based Control Flow Integrity (CFI)
Reviewed by Pithpith:H5M3ZXNJopen to challenge →
classification
cs.CR
keywords
securitypoliciesarchitecturescontrolflowhardware-basedtheyaccurate
read the original abstract
CFI is a computer security technique that detects runtime attacks by monitoring a program's branching behavior. This work presents a detailed analysis of the security policies enforced by 21 recent hardware-based CFI architectures. The goal is to evaluate the security, limitations, hardware cost, performance, and practicality of using these policies. We show that many architectures are not suitable for widespread adoption, since they have practical issues, such as relying on accurate control flow model (which is difficult to obtain) or they implement policies which provide only limited security.
This paper has not been read by Pith yet.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.