Coarse-grained Control Flow Integrity Check for Processors with Sliding Register Windows.

Control Flow Integrity (CFI) checks arean effective way to detect control flow manipulation attacks. Protection isachieved by combining a static analysis to create a control flow graph and codeinstrumentation for runtime checks. A coarse-grained CFI check in contrastrelies on a ruleset to check for the validity of the control flow. It can beused alongside with other techniques to protect a processor fromreturn-oriented-programming attacks. This paper presents the firstimplementation of a coarse-grained CFI check specifically for processors withsliding register window, instrumenting interrupt handles instead of theapplication itself. Additionally, the security of the method is improved bycombining it with a simple XOR obfuscation technique to make it harder forattackers to target remaining legal addresses. Two (software-only andhardware-assisted) implementations are presented and evaluated.