@inproceedings{53c9c7b32f1a4d17b3d9fcef4abaff0a,
title = "Dynamic tracking reinforcement based on simplified control flow",
abstract = "With the rapid development of computer science and Internet technology, software security issues have become one of the main threats to information system. The technique of execution path tracking based on control flow integrity is an effective method to improve software security. However, the dynamic tracking method may incur considerable performance overhead. To address this problem, this paper proposes a method of dynamic control flow enforcement based on API invocations. Our method is based on a key observation: most control flow attackers will invoke the sensitive APIs to achieve their malicious purpose. To defeat these attacks, we first extract the normal execution path of API calls by offline analysis. Then, we utilize the offline information for run-Time enforcement. The results of the experiment showed that our method is able to detect and prevent the control flow attacks with malicious API invocations. Compared with existing methods, the system performance is improved.",
keywords = "API calls, Inserted reinforcement, Path tracking, Simplified control flow",
author = "Jiani Li and Donghai Tian and Changzhen Hu",
note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 11th International Conference on Computational Intelligence and Security, CIS 2015 ; Conference date: 19-12-2015 Through 20-12-2015",
year = "2016",
month = feb,
day = "1",
doi = "10.1109/CIS.2015.93",
language = "English",
series = "Proceedings - 2015 11th International Conference on Computational Intelligence and Security, CIS 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "358--362",
booktitle = "Proceedings - 2015 11th International Conference on Computational Intelligence and Security, CIS 2015",
address = "United States",
}