Secure Execution Via Program Shepherding

We introduce program shepherding, a method for monitoring control flow transfers during program execution to enforce a security policy. Shepherding ensures that malicious code masquerading as data is never executed, thwarting a large class of security attacks. Shepherding can also enforce entry poin...

Full description

Bibliographic Details
Main Authors: Kiriansky, Vladimir, Bruening, Derek, Amarasinghe, Saman
Published: 2023
Online Access:https://hdl.handle.net/1721.1/149314
Description
Summary:We introduce program shepherding, a method for monitoring control flow transfers during program execution to enforce a security policy. Shepherding ensures that malicious code masquerading as data is never executed, thwarting a large class of security attacks. Shepherding can also enforce entry points as the only way to execute shared library code. Furthermore, shepherding guarantees that sandboxing checks around any type of program operation will never be bypassed. We have implemented these capabilities efficiently in a runtime system with minimal or no performance penalties. This system operates on unmodified native binaries, requires no special hardware or operating system support, and runs on existing IA-32 machines.