Symposium sur la sécurité des technologies de l'information et des communications

Control flow integrity has been a well explored field of software security for more than a decade. However, most of the proposed approaches are stalled in a proof of concept state - when the implementation is publicly available - or have been designed with a minimal performance overhead as their primary objective, sacrificing security. Currently, none of the proposed approaches can be used to fully protect real-world programs compiled with most common compilers (e.g. GCC, Clang/LLVM). In this paper we describe a control flow integrity enforcement mechanism whose main objective is security. Our approach is based on compile-time code instrumentation, making the program communicate with its external execution monitor. The program is terminated by the monitor as soon as a control flow integrity violation is detected. Our approach is implemented as an LLVM plugin and is working on LLVM’s Intermediate Representation.