Write a Blog >>
Wed 12 Jul 2017 16:20 - 16:45 at Bren 1414 - Static Analysis Chair(s): William G.J. Halfond

We present, VIP, an approach to boosting the precision of Virtual call Integrity Protection for large-scale real-world C++ programs (e.g., Chrome) by using pointer analysis for the first time. VIP introduces two new techniques: (1) a sound and scalable partial pointer analysis for discovering statically the sets of legitimate targets at virtual callsites from separately compiled C++ modules and (2) a lightweight instrumentation technique for performing (virtual call) integrity checks at runtime. VIP raises the bar against vtable hijacking attacks by providing stronger security guarantees than the CHA-based approach with comparable performance overhead. VIP is implemented in LLVM-3.8.0 and evaluated using SPEC programs and Chrome. Statically, VIP protects virtual calls more effectively than CHA by significantly reducing the sets of legitimate targets permitted at 20.3% of the virtual callsites per program, on average. Dynamically, VIP incurs an average (maximum) instrumentation overhead of 0.7% (3.3%), making it practically deployable as part of a compiler tool chain.

Wed 12 Jul

issta-2017-research
15:30 - 17:10: Technical Papers - Static Analysis at Bren 1414
Chair(s): William G.J. HalfondUniversity of Southern California
issta-2017-research15:30 - 15:55
Talk
Lisa Nguyen Quang DoFraunhofer IEM, Karim AliUniversity of Alberta, Benjamin LivshitsImperial College London, UK, Eric BoddenHeinz Nixdorf Institut, Paderborn University and Fraunhofer IEM, Justin SmithNorth Carolina State University, Emerson Murphy-HillNorth Carolina State University
DOI
issta-2017-research15:55 - 16:20
Talk
Alex GyoriUniversity of Illinois at Urbana-Champaign, USA, Shuvendu K. LahiriMicrosoft Research, Nimrod PartushTechnion
DOI
issta-2017-research16:20 - 16:45
Talk
Xiaokang Fan, Yulei Sui, Xiangke LiaoNational University of Defense Technology, China, Jingling XueUNSW Australia
DOI
issta-2017-research16:45 - 17:10
Talk
John-Paul OreUniversity of Nebraska-Lincoln, USA, Sebastian ElbaumUniversity of Nebraska-Lincoln, USA, Carrick DetweilerUniversity of Nebraska-Lincoln, USA
DOI