Hardware-assisted mechanisms to enforce control flow integrity: A comprehensive survey

Today, a vast amount of sensitive data worth millions of dollars is processed in untrusted data centers; hence, the confidentiality and integrity of the code and data are of paramount importance. Given the high incentive of mounting a successful attack, the complexity of attack methods has grown rap...

Full description

Saved in:
Bibliographic Details
Published inJournal of systems architecture Vol. 130; p. 102644
Main Authors Kumar, Sandeep, Moolchandani, Diksha, Sarangi, Smruti R.
Format Journal Article
LanguageEnglish
Published Elsevier B.V 01.09.2022
Subjects
Online AccessGet full text
ISSN1383-7621
1873-6165
DOI10.1016/j.sysarc.2022.102644

Cover

Loading…
More Information
Summary:Today, a vast amount of sensitive data worth millions of dollars is processed in untrusted data centers; hence, the confidentiality and integrity of the code and data are of paramount importance. Given the high incentive of mounting a successful attack, the complexity of attack methods has grown rapidly over the years. The attack methods rely on vulnerabilities present in the system to hijack the control flow of a process and use it to either steal sensitive information or degrade the quality of service. To thwart these attacks, the complexity of the defense methods has also increased in tandem. Researchers have explored different methods to ensure the secure execution of an application. The defense methods range from software-only to hardware-only to hybrid defense methods. In this survey, we focus on the relatively new hybrid form of defense methods where software and hardware work in tandem to protect the control flow of applications. We present a novel three-level taxonomy of these defense mechanisms based on first principles and use them to classify existing defense methods. After presenting the taxonomy, we critically analyze the proposed defense methods, study the evolution of the field and outline the challenges for future work.
ISSN:1383-7621
1873-6165
DOI:10.1016/j.sysarc.2022.102644