Practical and Flexible Kernel CFI Enforcement using eBPF

Simple item page
dc.contributor.authorJia, Jinghaoen
dc.contributor.authorLe, Michael V.en
dc.contributor.authorAhmed, Salmanen
dc.contributor.authorWilliams, Danen
dc.contributor.authorJamjoom, Hanien
dc.date.accessioned2023-10-02T14:53:35Zen
dc.date.available2023-10-02T14:53:35Zen
dc.date.issued2023-09-10en
dc.date.updated2023-10-01T07:51:39Zen
dc.description.abstractEnforcing control flow integrity (CFI) in the kernel (kCFI) can prevent control-flow hijack attacks. Unfortunately, current kCFI approaches have high overhead or are inflexible and cannot support complex context-sensitive policies. To overcome these limitations, we propose a kCFI approach that makes use of eBPF (eKCFI) as the enforcement mechanism. The focus of this work is to demonstrate through implementation optimizations how to overcome the enormous performance overhead of this approach, thereby enabling the potential benefits with only modest performance tradeoffs.en
dc.description.versionPublished versionen
dc.format.mimetypeapplication/pdfen
dc.identifier.doihttps://doi.org/10.1145/3609021.3609293en
dc.identifier.urihttp://hdl.handle.net/10919/116399en
dc.language.isoenen
dc.publisherACMen
dc.rightsIn Copyrighten
dc.rights.holderThe author(s)en
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/en
dc.titlePractical and Flexible Kernel CFI Enforcement using eBPFen
dc.typeArticle - Refereeden
dc.type.dcmitypeTexten

Files

Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
3609021.3609293.pdf
Size:
401.39 KB
Format:
Adobe Portable Document Format
Description:
Published version
Download
License bundle
Now showing 1 - 1 of 1
Name:
license.txt
Size:
0 B
Format:
Item-specific license agreed upon to submission
Description:
Download

Collections

Journal Articles, Association for Computing Machinery (ACM)
Scholarly Works, Computer Science