CFI

 

 

 

In operating systems architecture, a reference monitor is a secure, always-used and fully-testable module that controls all software access to data objects or devices. The reference monitor verifies the nature of the request against a table of allowable access types for each process on the system. For example, Windows 3.x and 9x operating systems were not built with a reference monitor, but it was added to Windows starting with Windows NT.   The Reference Monitor concept was introduced as an ideal to achieve controlled sharing. “The function of the Reference Monitor is to validate all references (e.g., references to programs, data, peripherals) made by programs in execution against those authorized for the subject (e.g., the user)   ABSTRACT 1.Control-Flow Integrity (CFI),  a basic safety property，可以防御通过破坏机器码执行来控制程序行为的攻击。 2.CFI的意义： CFI enforcement is simple CFI enforcement is practical：it is compatible with existing software and can be done effificiently using software rewriting in commodity systems CFI provides a useful foundation for enforcing further security policies   1. INTRODUCTION   1.程序执行必须沿着事先定义好的控制流图执行。 2.CFG可以通过源代码分析/二进制分析/程序执行(execution profifiling)获得的   本实验用的是静态二进制分析得到的控制流图 3.依靠轻量级静态验证和机器代码重写相结合的方式来对软件进行运行时检查。 运行时检查动态地确保控制流保持在给定的CFG中。 Whereas CFI enforcement can potentially be done in several ways, we rely on a combination of lightweight static verifification

 

 

 

 

 

A security policy is of limited value without an attack model. 

没有攻击模型的安全策略价值有限。

a‧me‧na‧ble

 /əˈmiːnəb ə l,əˋminəbḷ/ adj.

suitable for a particular type of treatment

可用某种方法处理的

[+ for/to]

•Such conditions may be amenable to medical intervention. 这些疾病也许可以采取药物干预

First, it is clear, and amenable to formal definition and analysis

首先，它很清楚，并且可以进行正式的定义和分析。