
Control Flow Integrity based Security


Seminar, 2 SWS / 5 ECTS
Organizer: Peng Xu
Time and place:


Kickoff: 26.06.18 11:30 - 12:00

Regular sessions: Monday 10:00 - 12:00


Start: 2018-10-23
Exam: Presentation, Report

The lecture is given in English
The slides are available in English
The exam will be in English

Required Preliminary Knowledge

Basic knowledge of the C programming language, an object-oriented language (C++/Java), assembly language, and IT security.


In this seminar, several hot topics in this line of research will be discussed. The goal is to give students an overview of state-of-the-art control-flow-based security techniques and to encourage them to explore this exciting research field. Each student will be assigned one research paper. After studying the paper, each student is required to write a short report about it and give a 30-minute presentation on the topic, followed by a 15-minute discussion.


The content will include the following subfields:

1. Types of code reuse attacks (ROP, JOP, COOP as well as ret2lib, VTable hijacking)

The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)  2018-10-29  Peng XU
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization  2018-10-29
Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications  2018-11-05  Sandro Bauer
Blender: Self-randomizing address space layout for android apps  2018-11-05  Lion Steger

2. Control flow integrity

Control-Flow Integrity: Precision, Security, and Performance  2018-11-12  Alexander Hölzl
Code-Pointer Integrity  2018-11-12  Andreas Keller

3. Compiler-based control flow integrity implementation

Protecting C++ dynamic dispatch through vtable interleaving  2018-11-19  Benjamin Zanger
SAFEDISPATCH: Securing C++ Virtual Calls from Memory Corruption Attacks  2018-11-19  Torben Maack
CastSan: Efficient Detection of Polymorphic C++ Object Type Confusions  2018-11-26

4. Binary-rewriting based control flow integrity implementation

T-VIP: Towards automated integrity protection of C++ virtual function tables in binary programs  2018-11-26
τCFI: Type-Assisted Control Flow Integrity for x86-64 Binaries  2018-12-03
It's a TRaP: Table randomization and protection against function-reuse attacks  2018-12-03  Phillp Holzmann
VTPin: practical VTable hijacking protection for binaries  2018-12-10


After the regular meetings we do not need to meet every week. In the remaining time you need to prepare the final report.

The report should include the content of the original paper, the questions and answers we discussed after your presentation, and of course further discussion (such as the research directions I asked about during the course, related work from other students, and so on).

Final Report

You can find a final report written by one of my previous students in the CFI seminar course. You can use it as a template.
In addition, you can find the LaTeX template, which defines the format of our final report.
The content of the final report should include:
1. Introduction (Section I from template)
2. Background 
3. Design and implementation from original papers (Section II, III, IV from template)
4. Performance 
5. Discussion of the connections to and differences from other related work in our seminar course (Section VII, VIII from template)
6. Conclusion


We have two deadlines for the final report.
The first one is for the draft. The deadline is 4 February.
After that I will check the reports. Meanwhile, I will distribute two drafts to every student so that you can help me check them and give feedback. I will then send you feedback on your report so that it can be updated with the suggestions from my side and from the other students.
The deadline for the second round is 11 February.