Enhanced Function Signature Recovery
for Control-Flow Integrity Enforcement on Compiler Optimized Executables

Lead PI: Associate Professor GAO Debin
School of Information Systems, Singapore Management University

Background

Control-Flow Integrity (CFI) enforcement is a promising technique for producing trustworthy software. This project focuses on function signature recovery, a critical step in CFI enforcement when source code is not available. Current approaches rely on the assumption that the function signatures recovered at caller and callee sites in an executable match; however, various compiler optimizations violate well-known calling conventions, so the recovered caller and callee signatures do not match.
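To make the mismatch concrete, the following toy model (an added illustration, not the project's own code) reduces each indirect call site and each address-taken function to the number of argument registers a binary analysis might recover, and compares a strict equal-count policy with a relaxed policy in which the callee may consume no more than the caller prepares. All names and counts are constructed.

```python
"""Toy model of argument-count-based CFI matching on recovered signatures.

Constructed illustration only: a call site is summarised by how many argument
registers are written before the indirect call, and a candidate target by how
many argument registers it reads before overwriting them.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class CallSite:
    name: str
    args_prepared: int   # argument registers set up before the indirect call


@dataclass(frozen=True)
class Target:
    name: str
    args_consumed: int   # argument registers read by the callee on entry


def strict_policy(site: CallSite, target: Target) -> bool:
    """Recovered counts must match exactly (the assumption optimizations break)."""
    return site.args_prepared == target.args_consumed


def relaxed_policy(site: CallSite, target: Target) -> bool:
    """Callee may consume at most what the caller prepared.

    Tolerates a callee whose unused parameters were optimised away, while still
    rejecting a callee that reads registers the caller never initialised.
    """
    return target.args_consumed <= site.args_prepared


def allowed_targets(site: CallSite, targets, policy) -> list:
    """Return the sorted names of targets the policy permits for this site."""
    return sorted(t.name for t in targets if policy(site, t))


# Constructed sample: 'log_event' was written with three parameters, but the
# compiler dropped its unused third argument, so the analysis sees two reads.
SITE = CallSite("call_handler", args_prepared=3)
TARGETS = [
    Target("log_event", args_consumed=2),        # legitimate, optimised callee
    Target("process_request", args_consumed=3),  # legitimate, unoptimised callee
    Target("init_table", args_consumed=5),       # reads more than was prepared
]

if __name__ == "__main__":
    print("strict :", allowed_targets(SITE, TARGETS, strict_policy))
    print("relaxed:", allowed_targets(SITE, TARGETS, relaxed_policy))
```

Under the strict policy the optimised but legitimate `log_event` is rejected, which is the kind of false violation the project aims to avoid; the relaxed policy admits it while still excluding `init_table`.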


Project components

  • Investigate the extent to which modern compiler optimizations affect function signature recovery on Linux and Windows x86-64;
  • Propose a novel hybrid rule- and heuristic-based inferencing mechanism to improve the accuracy;
  • Apply domain knowledge to enhance existing machine-learning techniques to handle caller and callee signature recovery for both direct and indirect functions; and
  • Implement CFI through binary rewriting.

Objective

Our objective is to design and implement an automatic system to produce CFI-enforced program executables.


Collaborator

Associate Professor David LO