Source code based protection against CRAs

As the threat potential of Code-Reuse Attacks (CRAs) is rising we want to develop a tool that can mitigate such state-of-the-art attacks (e.g., the attack dubbed Counterfeit Object-Oriented Programming (COOP)). This attack is particularly hard to defend against since traditional Control Flow Integrity (CFI) approaches are useless. Based on source code recompilation techniques we want to harden the application binary in such a manner that it becomes very hard for an attacker to perform his attack. At least three types of binary checks will be inserted in the binary (e.g., number of parameters and types, void function were non void was expected and vice-versa, etc). First, parameter counting and type for caller/callees pairs will be derived based on a precise per function Control Flow Graph (CFG) analysis. Second, checks for caller/callee pairs will be added in order to avoid calling non void functions were actually void function were expected and vice-versa. Third, checks based on the virtual and non virtual class hierarchy (obtained for free from LLVM compiler framework) can be derived and enforced. Additionally, the approach [4] based on class interleaving can be improved whit diferenciating between virtual and normal class hierarchy or complemented whith checks which are a mix of the interleaved class hierarchy and function parameter types, number and return values (void or non-void). These three approaches will be a refinement of previous defensive source code based strategies against CRAs and will complement existing source code level techniques. For example parameter type hardening will help to reduce the set of caller/callee pairs checks thus increasing the performance of our approach by reducing the number of checks that need to be performed. The tool will be implemented as one or more LLVM passes and will be tested with real CRAs for Linux/Windows OSs. Additionally, for completeness reasons we will test the tool (by recompiling) with a series of server applications, web browsers and SPEC CPU 2006 benchmark w.r.t. performance.