Eternal War in Software Security: A Survey of Control Flow Protection
Bowen Tang, Huan Ying, Wei Wang, Huabin Tang
Available Online February 2017.
- https://doi.org/10.2991/emcm-16.2017.138How to use a DOI?
- Software security; Control flow protection; Operation system; Program analysis; Performance
- Software security is the cornerstone of computer system security. Among all the elements consisting of software security, control flow protection is undoubtedly the most important one. Once the process's control flow is hijacked, attacker can manipulate it to implement a variety of malicious acts and break through other protection mechanisms which ultimately lead to the control of the entire system. This paper will present a series of offensive and defensive technologies about Control Flow Protection which have been developed in the past three decades. The paper will elaborate the causes of their emergence, explain the principle of their implement, and compare the security and performance of their method. Additionally, it will introduce some other technologies applied in the progress of attack and mitigation, such as program analysis, virtual memory management, machine learning and so on. Through those above illustration and analysis, the paper summarizes three primary suggestions which not only can enlighten security engineers on the design of new methods, but also can help general developers to estimate their software's robustness, practicability and performance.
- Open Access
- This is an open access article distributed under the CC BY-NC license.
Cite this article
TY - CONF AU - Bowen Tang AU - Huan Ying AU - Wei Wang AU - Huabin Tang PY - 2017/02 DA - 2017/02 TI - Eternal War in Software Security: A Survey of Control Flow Protection BT - 2016 7th International Conference on Education, Management, Computer and Medicine (EMCM 2016) PB - Atlantis Press SN - 2352-538X UR - https://doi.org/10.2991/emcm-16.2017.138 DO - https://doi.org/10.2991/emcm-16.2017.138 ID - Tang2017/02 ER -