View in EDS PDF Full Text

VPV: Enforcing Secure C++ Dynamic Dispatch by Vtable Pointer Verification.

Saved in:
Bibliographic Details
Title: VPV: Enforcing Secure C++ Dynamic Dispatch by Vtable Pointer Verification.
Authors: Xiaokang Fan1 fanxiaokang@nudt.edu.cn, Sifan Long2 164712110@csu.edu.cn, Chun Huang3 chunhuang@nudt.edu.cn, Canqun Yang3 canqun@nudt.edu.cn
Source: Engineering Letters. Sep2021, Vol. 29 Issue 3, p936-941. 6p.
Subjects: Object-oriented programming languages, C++, Flowgraphs
Abstract: C++ is a very popular object-oriented programming language. Due to its abstraction and high performance, C++ has been widely used in performance critical applications. During the last several years, vtable hijacking attack has become a major attack vector. By corrupting the vtable pointer of a C++ object, an attacker can hijack a virtual call and compromise the control flow of a C++ program. This paper proposes VPV (Vtable Pointer Verification), a new method to mitigate vtable hijacking attacks. The novelty of VPV is that VPV enforces virtual call integrity by verifying the legitimacy of the vtable pointer, which is the key part in vtable hijakcing attacks. We use class hierarchy analysis to build a fine-grained control flow graph, which determines the legitimate targets precisely for each vtable pointer. We designed an efficient runtime verification technique which requires only a range check. The average (maximum) runtime performance overhead incurred is only 1.52% (2.30%). VPV provides precise and efficient protection against vtable hijacking attacks. It is an ideal technique to be applied to production software. [ABSTRACT FROM AUTHOR]
Copyright of Engineering Letters is the property of International Association of Engineers (IAENG) and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
FullText Links:
  – Type: pdflink
Text:
  Availability: 0
Header DbId: egs
DbLabel: Engineering Source
An: 152281133
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: VPV: Enforcing Secure C++ Dynamic Dispatch by Vtable Pointer Verification.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Xiaokang+Fan%22">Xiaokang Fan</searchLink><relatesTo>1</relatesTo><i> fanxiaokang@nudt.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Sifan+Long%22">Sifan Long</searchLink><relatesTo>2</relatesTo><i> 164712110@csu.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Chun+Huang%22">Chun Huang</searchLink><relatesTo>3</relatesTo><i> chunhuang@nudt.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Canqun+Yang%22">Canqun Yang</searchLink><relatesTo>3</relatesTo><i> canqun@nudt.edu.cn</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Engineering+Letters%22">Engineering Letters</searchLink>. Sep2021, Vol. 29 Issue 3, p936-941. 6p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Object-oriented+programming+languages%22">Object-oriented programming languages</searchLink><br /><searchLink fieldCode="DE" term="%22C%2B%2B%22">C++</searchLink><br /><searchLink fieldCode="DE" term="%22Flowgraphs%22">Flowgraphs</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: C++ is a very popular object-oriented programming language. Due to its abstraction and high performance, C++ has been widely used in performance critical applications. During the last several years, vtable hijacking attack has become a major attack vector. By corrupting the vtable pointer of a C++ object, an attacker can hijack a virtual call and compromise the control flow of a C++ program. This paper proposes VPV (Vtable Pointer Verification), a new method to mitigate vtable hijacking attacks. The novelty of VPV is that VPV enforces virtual call integrity by verifying the legitimacy of the vtable pointer, which is the key part in vtable hijakcing attacks. We use class hierarchy analysis to build a fine-grained control flow graph, which determines the legitimate targets precisely for each vtable pointer. We designed an efficient runtime verification technique which requires only a range check. The average (maximum) runtime performance overhead incurred is only 1.52% (2.30%). VPV provides precise and efficient protection against vtable hijacking attacks. It is an ideal technique to be applied to production software. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Engineering Letters is the property of International Association of Engineers (IAENG) and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=152281133
RecordInfo BibRecord:
  BibEntity:
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 6
        StartPage: 936
    Subjects:
      – SubjectFull: Object-oriented programming languages
        Type: general
      – SubjectFull: C++
        Type: general
      – SubjectFull: Flowgraphs
        Type: general
    Titles:
      – TitleFull: VPV: Enforcing Secure C++ Dynamic Dispatch by Vtable Pointer Verification.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Xiaokang Fan
      – PersonEntity:
          Name:
            NameFull: Sifan Long
      – PersonEntity:
          Name:
            NameFull: Chun Huang
      – PersonEntity:
          Name:
            NameFull: Canqun Yang
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 09
              Text: Sep2021
              Type: published
              Y: 2021
          Identifiers:
            – Type: issn-print
              Value: 1816093X
          Numbering:
            – Type: volume
              Value: 29
            – Type: issue
              Value: 3
          Titles:
            – TitleFull: Engineering Letters
              Type: main
ResultId 1