Beyond the Edges of Kernel Control-Flow Hijacking Protection with HEK-CFI
Lukas Maar, Pascal Nasahl, Stefan Mangard
ACM ASIA Conference on Computer and Communications Security (AsiaCCS) 2024
Info
BibTex
Slides
In this paper, we present HEK-CFI, a novel approach leveraging Intel CET to protect control-flow data during system events, function pointers, operation table pointers, and return addresses.
We implement and evaluate a HEK-CFI proof-of-concept, demonstrating reasonable performance overhead while providing superior protection compared to other kernel CFI schemes.
@inproceedings{Maar2024HEKCFI,
author = {Lukas Maar and Pascal Nasahl and Stefan Mangard},
booktitle = {{AsiaCCS}},
title = {{Beyond the Edges of Kernel Control-Flow Hijacking Protection with HEK-CFI}},
year = {2024}
}