Software Security and Control-Flow Integrity

 

Dr. Ulfar Erlingsson

Microsoft Research

 

Date: Monday April 11, 2005

Time: 12:20 p.m. - 1:10 p.m.

Location: 367 Votey

 

 

Abstract

 

Current software attacks often build on exploits that subvert machine-code execution. The enforcement of a basic safety property, Control-Flow Integrity (CFI), can prevent such attacks from arbitrarily controlling program behavior. CFI enforcement is simple, and its guarantees can be established formally, even with respect to powerful adversaries. Moreover, CFI enforcement is practical: it is compatible with existing software and can be efficiently implemented. Finally, CFI guarantees are a useful foundation for analysis, processing, and the establishment of further properties of the software. CFI derives its security benefits from constraining low-level machine operations to conform more closely to the high-level programming language semantics. CFI generalizes, or can subsume, popular mechanisms for reducing this discrepancy between the hardware and software semantics.

This talk will be open to the public, and admission is free. Please feel free to distribute this announcement where appropriate.

 

Speaker bio:  Úlfar joined Microsoft Research Silicon Valley in February 2003. He did his PhD work at Cornell University's Information Assurance Institute in the mid-to-late 90's on enforcing security policies by program modification. After Cornell, Úlfar was the Director of Privacy Protection for deCODE Genetics, where he worked on database security, both for their controversial Healthcare Database project and for the web interface to their genealogical database of all Icelanders. Before joining MSR, he co-founded and was CTO of the Silicon Valley security software startup Green Border Technologies, designed their technology, and raised two rounds of venture funding. Recently, I've been researching how fault-tolerance and resiliency-to-attack can be added to operating systems (i.e., Windows). In particular I've been looking at device drivers and other low-level software components in the VEXE'DD and Gleipnir projects.

 

(Presented by the Computer Science Student Association (http://www.cs.uvm.edu/~cssa/), University of Vermont.)