Here are the materials for the talk PICON: Control Flow Integrity on LLVM IR, given at SSTIC 2015. Although SSTIC is a French-speaking conference, I am publishing this in English because my other posts are also in English.

Here is the summary, from the website:

Control flow integrity has been a well explored field of software security for more than a decade.

However, most of the proposed approaches are stalled in a proof-of-concept state (when the implementation is publicly available), or have been designed with minimal performance overhead as their primary objective, sacrificing security.

Currently, none of the proposed approaches can be used to fully protect real-world programs compiled with most common compilers (e.g. GCC, Clang/LLVM).

In this paper we describe a control flow integrity enforcement mechanism whose main objective is security. Our approach is based on compile-time code instrumentation, making the program communicate with its external execution monitor. The program is terminated by the monitor as soon as a control flow integrity violation is detected.

Our approach is implemented as an LLVM plugin and operates on LLVM's Intermediate Representation (IR).
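To make the architecture in the summary concrete, here is a small added example that is not PICON's code: an external-monitor-style CFI check written in C. The instrumented program (simulated here by a constructed event trace) reports every call and return to a monitor; the monitor validates each call against a statically extracted call graph and each return against a shadow stack, and flags the first violation, which is where the real monitor would terminate the program. The function names, the call graph and the traces are all constructed for the example and are not taken from the paper.

```c
/* Added example (not PICON's code): a minimal external-monitor CFI check.
 * PICON instruments the program at compile time so that it reports control
 * flow events to a separate monitor process, which kills the program on a
 * violation. Here both sides live in one file and the "program" is a
 * constructed trace of events, so the example runs offline. */
#include <stdio.h>

/* Function identifiers as a (hypothetical) instrumentation pass would assign them. */
enum func { F_MAIN = 0, F_PARSE, F_HELPER, F_LOG, F_COUNT };

/* Allowed call edges, i.e. the call graph the compiler pass extracts statically.
 * allowed[caller][callee] == 1 means "caller may call callee". Constructed. */
static const unsigned char allowed[F_COUNT][F_COUNT] = {
    /*           MAIN PARSE HELPER LOG */
    /* MAIN   */ { 0,   1,    0,     1 },
    /* PARSE  */ { 0,   0,    1,     0 },
    /* HELPER */ { 0,   0,    0,     1 },
    /* LOG    */ { 0,   0,    0,     0 },
};

enum verdict { CFI_OK = 0, CFI_VIOLATION = 1 };

/* Monitor state: a shadow stack of the functions currently active. */
#define MAX_DEPTH 64
struct monitor {
    enum func stack[MAX_DEPTH];
    int depth;
    int terminated; /* set on the first violation; the real monitor kills the process */
};

static void monitor_init(struct monitor *m) {
    m->stack[0] = F_MAIN;
    m->depth = 1;
    m->terminated = 0;
}

/* Event emitted by the instrumentation just before a call: "caller calls callee". */
static enum verdict monitor_on_call(struct monitor *m, enum func caller, enum func callee) {
    if (m->terminated) return CFI_VIOLATION;
    /* The reported caller must be the function the monitor believes is executing. */
    if (m->depth == 0 || m->stack[m->depth - 1] != caller) { m->terminated = 1; return CFI_VIOLATION; }
    /* The edge must exist in the static call graph and the shadow stack must have room. */
    if ((int)callee >= F_COUNT || !allowed[caller][callee] || m->depth >= MAX_DEPTH) {
        m->terminated = 1; return CFI_VIOLATION;
    }
    m->stack[m->depth++] = callee;
    return CFI_OK;
}

/* Event emitted just before a return: "callee is returning". The returning
 * function must be the innermost active one; a corrupted return address shows
 * up as a mismatch between the reported function and the shadow stack. */
static enum verdict monitor_on_return(struct monitor *m, enum func callee) {
    if (m->terminated) return CFI_VIOLATION;
    if (m->depth <= 1 || m->stack[m->depth - 1] != callee) { m->terminated = 1; return CFI_VIOLATION; }
    m->depth--;
    return CFI_OK;
}

/* One event as the instrumented program would emit it: 'C' = call a->b, 'R' = return from a. */
struct event { char kind; enum func a; enum func b; };

/* Feed a whole trace to a fresh monitor and report the first verdict that is not OK. */
static enum verdict run_trace(const struct event *ev, int n) {
    struct monitor m;
    monitor_init(&m);
    for (int i = 0; i < n; i++) {
        enum verdict v = (ev[i].kind == 'C') ? monitor_on_call(&m, ev[i].a, ev[i].b)
                                             : monitor_on_return(&m, ev[i].a);
        if (v != CFI_OK) return CFI_VIOLATION;
    }
    return CFI_OK;
}

/* Constructed traces. A well-behaved run: */
static const struct event good_trace[] = {
    {'C', F_MAIN, F_PARSE}, {'C', F_PARSE, F_HELPER}, {'C', F_HELPER, F_LOG},
    {'R', F_LOG, F_MAIN}, {'R', F_HELPER, F_MAIN}, {'R', F_PARSE, F_MAIN},
    {'C', F_MAIN, F_LOG}, {'R', F_LOG, F_MAIN},
};
/* helper calls parse: an edge that does not exist in the static call graph. */
static const struct event bad_edge_trace[] = {
    {'C', F_MAIN, F_PARSE}, {'C', F_PARSE, F_HELPER}, {'C', F_HELPER, F_PARSE},
};
/* parse "returns" while helper is still active: inconsistent with the shadow stack. */
static const struct event bad_return_trace[] = {
    {'C', F_MAIN, F_PARSE}, {'C', F_PARSE, F_HELPER}, {'R', F_PARSE, F_MAIN},
};

#define COUNT(a) ((int)(sizeof(a) / sizeof((a)[0])))
enum verdict check_good(void)       { return run_trace(good_trace, COUNT(good_trace)); }
enum verdict check_bad_edge(void)   { return run_trace(bad_edge_trace, COUNT(bad_edge_trace)); }
enum verdict check_bad_return(void) { return run_trace(bad_return_trace, COUNT(bad_return_trace)); }

int main(void) {
    printf("good=%d bad_edge=%d bad_return=%d\n", check_good(), check_bad_edge(), check_bad_return());
    return 0;
}
```

The two violation traces illustrate the two checks such a monitor performs: the call-graph check rejects a call edge the compiler never saw, and the shadow-stack check rejects a return that does not match the innermost active function. In the real design the events cross a process boundary and the monitor's reaction is to terminate the program, which is what the `terminated` flag stands in for here.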

Code is currently being published (under an open-source licence), and this post will be updated as soon as this is done.

NOTE: The code will be published 'as-is'. The main reason it is not published yet is that it requires additional cleanup.