Summary: Control-Flow Integrity
Principles, Implementations, and Applications
MART´IN ABADI
University of California, Santa Cruz
and
Microsoft Research, Silicon Valley
MIHAI BUDIU
Microsoft Research, Silicon Valley
´ULFAR ERLINGSSON
Microsoft Research, Silicon Valley
and
JAY LIGATTI
University of South Florida
Current software attacks often build on exploits that subvert machine-code execution. The en-
forcement of a basic safety property, Control-Flow Integrity (CFI), can prevent such attacks
from arbitrarily controlling program behavior. CFI enforcement is simple and its guarantees can
be established formally, even with respect to powerful adversaries. Moreover, CFI enforcement
is practical: it is compatible with existing software and can be done efficiently using software
rewriting in commodity systems. Finally, CFI provides a useful foundation for enforcing further
security policies, as we demonstrate with efficient software implementations of a protected shadow

Source: Abadi, Martín - Department of Computer Science, University of California at Santa Cruz
Ligatti, Jay - Department of Computer Science and Engineering, University of South Florida

Collections: Computer Technologies and Information Sciences