On Design Inference from Binaries Compiled using Modern C++ Defenses


Rukayat Ayomide Erinfolami, Anh T Quach, and Aravind Prakash, Binghamton University


Due to the use of code pointers, polymorphism in C++ has been targeted by attackers and defenders alike. Vulnerable programs that violate the runtime object type integrity have been successfully exploited. Particularly, the virtual dispatch mechanism and the type confusion during casting have been targeted.

As a consequence, multiple defenses have been proposed in recent years to defend against attacks that target polymorphism. Particularly, compiler-based defenses incorporate design information—specifically class-hierarchy-related information—into the binary, and enforce runtime security policies to assert type integrity.

In this paper, we perform a systematic evaluation of the side-effects and unintended consequences of compiler-based security. Specifically, we show that application of modern defenses makes reverse engineering and semantic recovery easy. In particular, we show that modern defenses “leak" class hierarchy information, i.e., design information, thereby deter adoption in closed-source software. We consider a comprehensive set of 10 modern C++ defenses and show that 9 out of the 10 at least partially reveal design information as an unintended consequence of the defense. We argue a necessity for design-leakage-sensitive defenses that are preferable for closed-source use.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {241988,
author = {Rukayat Ayomide Erinfolami and Anh T Quach and Aravind Prakash},
title = {On Design Inference from Binaries Compiled using Modern C++ Defenses},
booktitle = {22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019)},
year = {2019},
isbn = {978-1-939133-07-6},
address = {Chaoyang District, Beijing},
pages = {15--30},
url = {https://www.usenix.org/conference/raid2019/presentation/erinfolami},
publisher = {USENIX Association},
month = sep