Concept: Control-Flow Integrity (CFI) is an effective approach to mitigating control-flow hijacking attacks.
Goal: The goal of CFI is to restrict the set of possible control-flow transfers to those that are strictly required for correct program execution.
Function: Prevent control-flow hijacking attacks such as Return-Oriented Programming (ROP) from working, because they would cause the program to execute control-flow transfers that are outside the allowed set and are therefore illegal under CFI.
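The mechanism described above, as an added example that is not part of the original notes: a forward-edge CFI check in which every indirect call through a function pointer is first validated against the set of targets that the program legitimately needs. The target set, the handler_fn type and the function names are constructed for this illustration; a real CFI implementation derives the set from the program's control-flow graph at compile or link time and aborts the process on a violation rather than returning a sentinel.

```c
#include <limits.h>
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical handler signature: the indirect call site below is only
 * ever meant to transfer control to functions of this type. */
typedef int (*handler_fn)(int);

static int handler_double(int x) { return 2 * x; }
static int handler_negate(int x) { return -x; }

/* A function that exists in the binary but must never be reachable from
 * the handler_fn call site (different signature, different purpose). */
static void privileged_reset(void) { }

/* Constructed CFI target set for the handler_fn call site: the address of
 * every function that is a legitimate target of this indirect call. */
static const uintptr_t handler_targets[] = {
    (uintptr_t)handler_double,
    (uintptr_t)handler_negate,
};

/* Sentinel returned when a transfer is refused by the CFI check. */
#define CFI_REFUSED INT_MIN

/* Forward-edge CFI check: 1 if target is in the allowed set, else 0. */
int cfi_target_allowed(uintptr_t target) {
    size_t n = sizeof handler_targets / sizeof handler_targets[0];
    for (size_t i = 0; i < n; i++)
        if (handler_targets[i] == target)
            return 1;
    return 0;
}

/* Guarded indirect call: the check runs before every transfer, so a
 * corrupted pointer aimed at any function outside the set is refused
 * instead of executed. */
int cfi_call_handler(uintptr_t target, int arg) {
    if (!cfi_target_allowed(target))
        return CFI_REFUSED;
    return ((handler_fn)target)(arg);
}

int main(void) {
    /* Legitimate transfer: the pointer names a function in the set. */
    printf("double(21) = %d\n",
           cfi_call_handler((uintptr_t)handler_double, 21));

    /* Simulated corrupted pointer: it now names privileged_reset, which
     * is not a valid target for this call site, so CFI refuses it. */
    int r = cfi_call_handler((uintptr_t)privileged_reset, 0);
    printf("transfer to privileged_reset refused: %s\n",
           r == CFI_REFUSED ? "yes" : "no");
    return 0;
}
```

The set is keyed on exact target addresses, which corresponds to a fine-grained policy; a coarse-grained policy would instead accept any function entry point of the right type, which is why the granularity of the target set is the central design choice discussed in the later sections.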
Control-Flow Hijacking
Code-Injection Attack
Code-Reuse Attack
Mainstream Solution
Challenge
Causes
Related work
CFIMon & BinCFI
CCFIR
BinCC
Attack methods - Bypass
TypeArmor & τCFI
Fine-grained control-flow integrity for kernel software