On the Insecurity of Constraint-sensitive Control Flow Transfer

Ranawat, Karan Raj Singh

On the Insecurity of Constraint-sensitive Control Flow Transfer

Ranawat, Karan Raj Singh

Formats

Format
BibTeX
MARCXML
TextMARC
MARC
DataCite
DublinCore
EndNote
NLM
RefWorks
RIS

Add to Basket

Files

Abstract

We still need to defend large projects like Python and Nginx that are built on top of well-knownlegacy languages like C and C++, despite the popularity of more secure languages rising as a result of the introduction of high security capabilities. By establishing a novel control flow integrity policy called Constraint Sensitive Indirect Call (CS-iCall), this thesis focuses on safeguarding indirect calls. We would first introduce the CS-iCall notion before going into the difficulties and complexities of building an LLVM tool to locate all CS-iCalls in the input binary. By contrasting CS-iCalls with current cutting-edge CFI policies, we would also be able to comprehend the relevance of these calls.

Details

Record ID

2877

Record Created

2024-12-05

Title

On the Insecurity of Constraint-sensitive Control Flow Transfer

Author

Ranawat, Karan Raj Singh

Contributor

Khandaker, Mustakimur Advisor
Doshi, Prashant Committee Member
Wang, Wenwen Committee Member

College or School

Computer Sciences

Content Type

Thesis

Pagination

47

File Format

pdf

Language

English

Degree Type

Master of Science (MS)

Name of Granting Institution

University of Georgia

Year Degree Granted

2023-06

Keywords

Compiler Security; Constraint Sensitive Indirect Call; Context Sensitive Control Flow Integrity; Control Flow Hijacking; Control Flow Integrity; Indirect Call Security

Record Appears in

Electronic Theses and Dissertations > Graduate Thesis
All Resources

System Control Number

9949574624802959

PDF

Statistics

Download Full History