| Summary: | Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015. === This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. === Cataloged from student-submitted PDF version of thesis. === Includes bibliographical references (pages 105-111). === The rise of code reuse attacks has been devastating for users of languages like C and C++ that lack memory safety. We survey existing defenses to understand why none are generally applicable, focusing our attention on the Code Pointer Integrity (CPI) defense. We show that while CPI is hard to implement securely on modern architectures, it is based on the promising idea of storing metadata on memory. We also introduce Taxi (Tagged C), a set of hardware modifications that aim to prevent code reuse attacks by storing small amounts of memory metadata known as tags in hardware. Our reference implementation prevents several classes of code reuse attacks without losing compatibility with the C memory model and provides valuable insight into how tagged architectures can be used to enforce security properties on existing code. === by Julián Armando González. === M. Eng.
|
|---|
