Enhanced Function Signature Recovery for Control-Flow Integrity Enforcement on Compiler Optimized Executables Lead PI: Associate Professor GAO Debin School of Information Systems, Singapore Management University

---

Background Control-Flow Integrity (CFI) enforcement is a promising technique in producing trustworthy software. This project focuses on function signature recovery, which is a critical step in CFI enforcement when source code is not available. Current approaches rely on the assumption of matching function signatures at caller and callee sites in an executable; however, various compiler optimizations violate well-known calling conventions and result in unmatched function signatures recovered. Project components Investigate the extent to which modern compiler optimizations would impact the function signature recovery in Linux and Windows x86-64 architectures; Propose a novel hybrid rule- and heuristic-based inferencing mechanism to improve the accuracy; Apply domain knowledge to enhance existing machine-learning techniques to handle caller and callee signature recovery for both direct and indirect functions; and Implement CFI through binary rewriting. Objective Our objective is to design and implement an automatic system to produce CFI-enforced program executables. Collaborator Associate Professor David LO