The master's thesis addresses the assurance of control flow integrity in programs. Attacks such as return-oriented programming exploit memory vulnerabilities, allowing an attacker to hijack a program's execution. We developed a verification system to determine whether a program has executed as intended. We modified the Spike simulator for the RISC-V architecture to enable program execution monitoring. This involves logging every control flow change by chaining hash values, ultimately generating an execution claim. The program's possible paths are determined through static analysis, where we construct and analyse a control flow graph from the program's machine code. This process yields all possible program paths and their corresponding hash values. The claim is then verified against the expected values to detect any potential integrity violations. We evaluated the system using a set of programs and by performing a return-oriented programming attack on a vulnerable program. The system correctly detected the attack.
|