Modular Control-Flow Integrity (MCFI)

MCFI is a new form of Control-Flow Integrity (CFI) that supports separate compilation, including dynamically linked libraries and just-in-time compilation. The key technique is to represent the control-flow graph in a runtime table and to wrap every read (the check performed before an indirect branch) and every update (performed when a new module is loaded) of that table in a transaction, so that concurrent threads never act on a partially updated graph. Our evaluation on the SPEC CPU2006 benchmarks shows that MCFI supports separate compilation, incurs a low overhead of around 5%, and enhances security.

In a follow-up work called RockJIT, we demonstrated that MCFI can accommodate native code generated on the fly by a just-in-time compiler. RockJIT hardens both the JIT compiler and the JITted code. Our evaluation on V8 (Google's JavaScript engine) shows that RockJIT-hardened V8 removes over 99.97% of functionality-irrelevant indirect branch edges and is only 14.6% slower than vanilla V8. Our experience further shows that the scheme requires only minimal changes to a JIT compiler (for V8, only 800 lines of changes, about 0.14% of V8's code base), and we believe it can be adopted by other JIT compilers with similar effort.
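The runtime-table-plus-transactions mechanism described above (and reused by RockJIT whenever newly JITted code is installed) is shown below as an added illustrative model written for this page; it is not MCFI's or RockJIT's own code. The ID layout (version number in the high 32 bits, equivalence-class number in the low 32 bits), the per-branch `bary` and per-target `tary` tables, the retry bound and all function names are assumptions chosen for the example. It shows the point that matters for safety: a check that races with a library load can tell a half-written table from a genuine violation, so it retries instead of either aborting a legitimate program or admitting a bogus edge.

```c
/* Added illustrative model of an MCFI-style runtime CFG table with
 * transactional reads and updates. Example code for this page, not the
 * project's implementation; ID layout, table names and sizes are assumed. */
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_BRANCHES 8      /* indirect branch sites in this toy model */
#define MAX_TARGETS  8      /* candidate indirect branch targets */
#define MAX_RETRIES  1000   /* bound on re-reads while an update is in flight */

/* Assumed ID layout: version number in the high 32 bits, equivalence-class
 * number (ECN) in the low 32 bits. ECN 0 means "not a valid branch/target". */
typedef uint64_t cfg_id;
#define MAKE_ID(ver, ecn) (((cfg_id)(ver) << 32) | (uint32_t)(ecn))
#define ID_VERSION(id)    ((uint32_t)((id) >> 32))
#define ID_ECN(id)        ((uint32_t)(id))

/* Runtime CFG tables: one ID per branch site, one ID per target. */
static _Atomic cfg_id bary[MAX_BRANCHES];
static _Atomic cfg_id tary[MAX_TARGETS];
static atomic_flag update_lock = ATOMIC_FLAG_INIT;
static uint32_t cfg_version = 0;

/* The CFG as the loader sees it: which class each branch site may
 * dispatch into, and which class each target belongs to. */
static uint32_t ecn_of_branch[MAX_BRANCHES];
static uint32_t ecn_of_target[MAX_TARGETS];

void cfg_add_branch(int branch, uint32_t ecn) { ecn_of_branch[branch] = ecn; }
void cfg_add_target(int target, uint32_t ecn) { ecn_of_target[target] = ecn; }

/* Update transaction, run when a library is loaded or code is JITted:
 * serialised by a lock, and stamps every entry with a fresh version so a
 * concurrent check can distinguish a half-written table from a violation. */
void cfg_update(void)
{
    while (atomic_flag_test_and_set(&update_lock))
        ;                                    /* spin: one updater at a time */
    uint32_t ver = ++cfg_version;
    for (int t = 0; t < MAX_TARGETS; t++)
        atomic_store(&tary[t], MAKE_ID(ver, ecn_of_target[t]));
    for (int b = 0; b < MAX_BRANCHES; b++)
        atomic_store(&bary[b], MAKE_ID(ver, ecn_of_branch[b]));
    atomic_flag_clear(&update_lock);
}

/* One attempt of the check transaction. Returns 1 if the edge is allowed,
 * 0 if it is a CFI violation, and -1 if the two IDs come from different
 * versions, i.e. an update raced with the read and it must be retried. */
int cfg_check_once(int branch, int target)
{
    cfg_id bid = atomic_load(&bary[branch]);
    cfg_id tid = atomic_load(&tary[target]);
    if (ID_VERSION(bid) != ID_VERSION(tid))
        return -1;                           /* torn read, not a decision */
    return (bid == tid && ID_ECN(bid) != 0) ? 1 : 0;
}

/* Check transaction run before an indirect branch: retry on torn reads,
 * and fail closed if updates keep starving the reader. */
int cfg_check(int branch, int target)
{
    for (int attempt = 0; attempt < MAX_RETRIES; attempt++) {
        int r = cfg_check_once(branch, target);
        if (r >= 0)
            return r;
    }
    return 0;
}

/* Scenario: a main program installs its CFG, then a library load adds a
 * new target into an existing class. Returns 1 if every check behaves. */
int demo(void)
{
    cfg_add_branch(0, 1); cfg_add_target(0, 1); cfg_add_target(1, 1);
    cfg_add_branch(1, 2); cfg_add_target(2, 2);
    cfg_update();
    int before = cfg_check(1, 3);            /* target 3 not yet in the CFG */
    cfg_add_target(3, 2);                    /* "dlopen" adds it to class 2 */
    cfg_update();
    int after = cfg_check(1, 3);
    return before == 0 && after == 1 && cfg_check(0, 1) == 1 && cfg_check(0, 2) == 0;
}

int main(void)
{
    int ok = demo();
    printf("MCFI table model: %s\n", ok ? "ok" : "FAILED");
    return ok ? 0 : 1;
}
```

Two design choices carry the security argument. First, the version stamp makes a torn read visible: without it, a check that read a branch ID from the old table and a target ID from the new one could compare two IDs that happen to collide and admit an edge the graph never contained, or reject a legitimate one and crash the program during a library load. Second, the retry loop is bounded and fails closed, so an attacker who can trigger loads cannot keep a check spinning indefinitely to delay enforcement.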

This project is sponsored by a CAREER grant from NSF's Secure and Trustworthy Cyberspace (SaTC) program.

Last updated: Jun. 2017