Trusted Control Flow Integrity for JVM-Based Application

Song Zhu Mei; Hai He Ba; Jiang Chun Ren; Zhi Ying Wang; Jun Ma

doi:10.4028/www.scientific.net/AMM.511-512.1219

Paper Titles

Research on Data Security of Mobile Payment App
p.1201

Enhancement of Test Platform for Web Application Security
p.1205

Sensibility Analysis of Strengthened Operational Profile
p.1211

Software Reliability Verification Testing Program Considering Hyper-Parameter
p.1215

Trusted Control Flow Integrity for JVM-Based Application
p.1219

Research of Communication Method of Intelligent Building Lighting System Based on CAN Bus
p.1225

Software Implementation of Kompella-Based L2VPN
p.1230

The Estimation of the Hausdorff and Fractal Dimensions of the Global Attractor for 2D Autonomous g-Navier-Stokes Equations
p.1235

Model of Supply Chain Disruption Risk Defense System
p.1239

HomeApplied Mechanics and MaterialsApplied Mechanics and Materials Vols. 511-512Trusted Control Flow Integrity for JVM-Based...

Trusted Control Flow Integrity for JVM-Based Application

Abstract:

This paper gives out a novel way, TCFI4J, to enforce the control flow integrity to the Java applications based on Java virtual machine. TCFI4J combines the trusted computing technology and Java virtual machine together. It takes full advantage of the Trusted Platform Module (TPM) and gives full consideration to the memory organization of the JVM. TCFI4J takes the integrity of part of JVMs memory image into account for the control flow integrity enforcement. The method presented in this paper can provide the user information about an applications behavior. It can significantly improve the security of a Java application with a tolerable performance impact.

You might also be interested in these eBooks

View Preview

Info:

Periodical:

Applied Mechanics and Materials (Volumes 511-512)

Pages:

1219-1224

DOI:

https://doi.org/10.4028/www.scientific.net/AMM.511-512.1219

Citation:

Cite this paper

Online since:

February 2014

Authors:

Song Zhu Mei*, Hai He Ba, Jiang Chun Ren, Zhi Ying Wang, Jun Ma

Keywords:

Control Flow Integrity, Information Security, Java Virtual Machine, Trusted Computing

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

Citation:

* - Corresponding Author

References

[1] M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti, Control-flow integrity, Proceedings of the 12th ACM conference on Computer and communications security[C], ACM, 2005, pp.340-353.

DOI: 10.1145/1102120.1102165

Google Scholar

[2] M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti, Control-flow integrity principles, implementations, and applications, ACM Trans. Inf. Syst. Secur. [J], ACM, vol. 4, 2009, pp.1-40.

DOI: 10.1145/1609956.1609960

Google Scholar

[3] N. Geoffray, G. Thomas, G. Muller, P. Parrend, S. Frénot, and B. Folliot, I-JVM: a Java Virtual Machine for Component Isolation in OSGi, Proceedings of International Conference on Dependable Systems and Networks [C], IEEE Computer Society, (2009).

DOI: 10.1109/dsn.2009.5270296

Google Scholar

[4] M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti, A theory of secure control flow, Proceedings of the 7th international conference on Formal Methods and Software Engineering[C], Springer-Verlag, 2005, pp.111-124.

DOI: 10.1007/11576280_9

Google Scholar

[5] U. Erlingsson, S. Valley, M. Abadi, M. Vrable, M. Budiu, and G. C. Necula, XFI: software guards for system address spaces, Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation[C], USENIX Association, (2006).

Google Scholar

[6] G. Czajkowski, Application isolation in the Java Virtual Machine, Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications[C], ACM, 2000, pp.354-366.

DOI: 10.1145/353171.353195

Google Scholar