
VtRoCHAP - Read-only memory and class hierarchy based protection of binaries against vtable hijacking attacks

Supervisor(s): Peng Xu
Status: finished
Topic: Integrity Measures (CFI etc.)
Author: Edelmann Michael
Submission: 2018-03-15
Type of Thesis: Bachelorthesis

Description

TVIP [1] (Towards Vtable Integrity Protection) is a binary-based framework that produces hardened binaries able to defend against vtable hijacking attacks. It relies on the fact that vtables reside in read-only memory to check the target function pointer. In theory, TVIP cannot defend against vtable reuse attacks. To implement a binary-rewriting-based framework that defends against vtable reuse attacks, we take class hierarchy information (from Marx [2]) into consideration, since most vtable reuse attacks are caused by access to an illegal virtual table, which is tightly associated with the class hierarchy. One direct approach is therefore to revisit TVIP with the class hierarchy information and to construct a system that combines class hierarchy and binary-rewriting techniques.
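The contrast drawn above, between a read-only-memory check and a class-hierarchy check, can be shown with a simplified model. This is an added example, not code from the thesis, TVIP or Marx; the addresses, class names and function names are constructed assumptions.

```cpp
#include <cstdint>
#include <cstdio>

// Constructed model (not real addresses): one read-only section holding four vtables.
constexpr std::uintptr_t RODATA_START = 0x400000, RODATA_END = 0x401000;

struct ClassInfo {
    const char*    name;
    int            parent;  // index of the base class, -1 for a root class
    std::uintptr_t vtable;  // address of this class's vtable
};

// Hypothetical recovered hierarchy: Circle and Square derive from Shape; Logger is unrelated.
constexpr ClassInfo CLASSES[] = {
    {"Shape",  -1, 0x400100},
    {"Circle",  0, 0x400200},
    {"Square",  0, 0x400300},
    {"Logger", -1, 0x400400},
};
constexpr int NUM_CLASSES = sizeof(CLASSES) / sizeof(CLASSES[0]);

// Check 1 (read-only memory): the vtable pointer must point into read-only memory.
bool in_readonly_memory(std::uintptr_t vptr) {
    return vptr >= RODATA_START && vptr < RODATA_END;
}

// True if class `cls` is `base` or derives from it (walks the parent chain).
bool derives_from(int cls, int base) {
    for (; cls != -1; cls = CLASSES[cls].parent)
        if (cls == base) return true;
    return false;
}

// Check 2 (class hierarchy): vptr must be the vtable of the call site's static class or a subclass.
bool hierarchy_allows(int static_class, std::uintptr_t vptr) {
    for (int c = 0; c < NUM_CLASSES; ++c)
        if (CLASSES[c].vtable == vptr) return derives_from(c, static_class);
    return false;  // not the start of any known vtable
}

// Combined policy: both checks must pass before the virtual call proceeds.
bool call_allowed(int static_class, std::uintptr_t vptr) {
    return in_readonly_memory(vptr) && hierarchy_allows(static_class, vptr);
}

int main() {
    std::printf("Circle vtable at Shape call site: %d\n", call_allowed(0, 0x400200));
    std::printf("Logger vtable at Shape call site: %d\n", call_allowed(0, 0x400400));
}
```

In this model the Logger vtable passes the read-only check because it is a genuine vtable, and only the hierarchy check rejects it at a Shape call site.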

References:
1.  Towards automated integrity protection of C++ virtual function tables in binary programs
2.  MARX: Uncovering class hierarchies in C++ programs