Dynamic Tracking Reinforcement Based on Simplified Control Flow

With the rapid development of computer science and Internet technology, software security issues have become one of the main threats to information system. The technique of execution path tracking based on control flow integrity is an effective method to improve software security. However, the dynamic tracking method may incur considerable performance overhead. To address this problem, this paper proposes a method of dynamic control flow enforcement based on API invocations. Our method is based on a key observation: most control flow attackers will invoke the sensitive APIs to achieve their malicious purpose. To defeat these attacks, we first extract the normal execution path of API calls by offline analysis. Then, we utilize the offline information for run-time enforcement. The results of the experiment showed that our method is able to detect and prevent the control flow attacks with malicious API invocations. Compared with existing methods, the system performance is improved.