Abstract | ||
---|---|---|
Recent micro-architectural research has proposed various schemes to enhance processors with additional tags to track various properties of a program. Such a technique, which is usually referred to as information flow tracking, has been widely applied to secure software execution (e.g., taint tracking), protect software privacy and improve performance (e.g., control speculation). In this paper, we propose a novel use of information flow tracking to obfuscate the whole control flow of a program with only modest performance degradation, to defeat malicious code injection, discourage software piracy and impede malware analysis. Specifically, we exploit two common features in information flow tracking: the architectural support for automatic propagation of tags and violation handling of tag misuses. Unlike other schemes that use tags as oracles to catch attacks (e.g., taint tracking) or speculation failures, we use the tags as flow-sensitive predicates to hide normal control flow transfers: the tags are used as predicates for control flow transfers to the violation handler, where the real control flow transfer happens. We have implemented a working prototype based on Itanium processors, by leveraging the hardware support for control speculation. Experimental results show that BOSH can obfuscate the whole control flow with only a mean of 26.7% (ranging from 4% to 59%) overhead on SPECINT2006. The increase in code size and compilation time is also modest. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1145/1669112.1669162 | MICRO |
Keywords | Field | DocType |
software execution,control speculation,invasive software,information flow,real control flow transfer,itanium processors,data privacy,control flow transfer,microprocessor chips,whole control flow,software execution security,malware analysis,opaque predicate,normal control flow transfer,malicious code injection,control flow obfuscation,novel use,program control structures,software piracy,information flow tracking,taint tracking,software privacy protection,control flow,data mining,hardware,resilience,security,binary codes | Information flow (information theory),Opaque predicate,Computer science,Code injection,Control flow,Parallel computing,Exploit,Real-time computing,Software,Obfuscation,Malware analysis | Conference |
ISSN | ISBN | Citations |
1072-4451 | 978-1-60558-798-1 | 16 |
PageRank | References | Authors |
0.77 | 22 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Haibo Chen | 1 | 1749 | 123.40 |
Liwei Yuan | 2 | 55 | 2.74 |
Xi Wu | 3 | 419 | 26.88 |
Binyu Zang | 4 | 984 | 62.75 |
Bo Huang | 5 | 339 | 17.03 |
Pen-Chung Yew | 6 | 1430 | 133.52 |