showSidebars ==
showTitleBreadcrumbs == 1
node.field_disable_title_breadcrumbs.value ==

PhD Dissertation Proposal by LIN Yan | Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity

Please click here if you are unable to view this page.

 


 


 


 

 

 

Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity

 

 

 

 


 

 

 


 


 

 

 

 

LIN Yan


 

PhD Candidate

School of Information Systems

Singapore Management University
 


 


 

FULL PROFILE

 


Research Area


 

 

Dissertation Committee


 

Chairman


 

 

Committee Members


 

 

 

External Members


 

  • Zhenkai LIANG, Associate Professor, National University of Singapore

 

 

 


 


 


 


 

 


Date


 

18 January 2021 (Monday)

 

 


Time


 

4:15pm - 5:15pm

 

 


Venue


 

This is a virtual seminar. Please register by 15 January 2021, the zoom link will be sent out on 18 January before 12pm to those who have registered.

 

 

We look forward to seeing you at this research seminar.


 

 


 


 


 


 

 

 

About The Talk


 

Control-Flow Integrity (CFI) is an attractive security property with which most injected and code-reuse attacks can be defeated. There are three fundamental components in CFI enforcement. The first component is accurately recovering the policy (CFG). Usually, the more precise the policy (CFG) is, the more security CFI improves, but precise CFG generation was considered hard without the support of source code. The second one is embedding the CFI policy securely. Current CFI enforcement usually inserts checks before indirect branches to consult a read-only table which stores the valid CFG information. However, this kind of read-only table can be overwritten by some kinds of attacks (e.g., Rowhammer attack and data-oriented programming). The third component is to efficiently enforce the CFI policy. In current approaches, no matter whether there are attacks, the CFI checks are always executed whenever there is an indirect control-flow transfer. Therefore, it is critical to minimize the performance impact of the CFI checks.


In this dissertation, we propose novel solutions to handle these three fundamental components. We systematically study how compiler optimization would impact CFG recovery by investigating two methods that recover CFI policy based on function signature matching at the binary level and propose our novel improved mechanism to more accurately recover function signature. We also propose an enhanced deep learning approach to recover function signature by including domain-specific knowledge to the dataset. To embed CFI policy securely, we design a novel platform which encodes the policy into the machine instructions directly without relying on consulting any read-only data structure by making use of the idea of instruction-set randomization. In it, each basic block is encrypted with a key derived from the CFG. To efficiently enforce CFI policy, we make use of a mature dynamic code optimization platform called DynamoRIO to enforce the policy so that it only requires to do the CFI check when needed.

 

 

 

Speaker Biography


 

Yan Lin is a Ph.D. candidate in Cybersecurity at School of Information Systems, Singapore Management University. She is advised by Associate Professor Debin Gao. She received her master degree in Cybersecurity from Wuhan University, in 2016. Her current research focuses on software security and system security.

 

© Copyright 2026 by Singapore Management University. All Rights Reserved.