Position paper: GPT conjecture: understanding the trade-offs between granularity, performance and timeliness in control-flow integrity

Zhilong Wang; Peng Liu

doi:10.1186/s42400-021-00098-2

Position paper: GPT conjecture: understanding the trade-offs between granularity, performance and timeliness in control-flow integrity

Zhilong Wang
, Peng Liu

College of Information Sciences and Technology

Research output: Contribution to journal › Article › peer-review

1 Scopus citations

Abstract

Performance/security trade-off is widely noticed in CFI research, however, we observe that not every CFI scheme is subject to the trade-off. Motivated by the key observation, we ask three questions: ➊ does trade-off really exist in different CFI schemes? ➋ if trade-off do exist, how do previous works comply with it? ➌ how can it inspire future research? Although the three questions probably cannot be directly answered, they are inspiring. We find that a deeper understanding of the nature of the trade-off will help answer the three questions. Accordingly, we proposed the GPT conjecture to pinpoint the trade-off in designing CFI schemes, which says that at most two out of three properties (fine granularity, acceptable performance, and preventive protection) could be achieved.

Original language	English (US)
Article number	33
Journal	Cybersecurity
Volume	4
Issue number	1
DOIs	https://doi.org/10.1186/s42400-021-00098-2
State	Published - Dec 2021

All Science Journal Classification (ASJC) codes

Software
Information Systems
Computer Networks and Communications
Artificial Intelligence

Access to Document

10.1186/s42400-021-00098-2

Cite this

@article{b3eda5747ac249cf9ff0f9f8b9da6605,

title = "Position paper: GPT conjecture: understanding the trade-offs between granularity, performance and timeliness in control-flow integrity",

abstract = "Performance/security trade-off is widely noticed in CFI research, however, we observe that not every CFI scheme is subject to the trade-off. Motivated by the key observation, we ask three questions: ➊ does trade-off really exist in different CFI schemes? ➋ if trade-off do exist, how do previous works comply with it? ➌ how can it inspire future research? Although the three questions probably cannot be directly answered, they are inspiring. We find that a deeper understanding of the nature of the trade-off will help answer the three questions. Accordingly, we proposed the GPT conjecture to pinpoint the trade-off in designing CFI schemes, which says that at most two out of three properties (fine granularity, acceptable performance, and preventive protection) could be achieved.",

author = "Zhilong Wang and Peng Liu",

note = "Publisher Copyright: {\textcopyright} 2021, The Author(s).",

year = "2021",

month = dec,

doi = "10.1186/s42400-021-00098-2",

language = "English (US)",

volume = "4",

journal = "Cybersecurity",

issn = "2096-4862",

publisher = "SpringerOpen",

number = "1",

}

TY - JOUR

T1 - Position paper

T2 - GPT conjecture: understanding the trade-offs between granularity, performance and timeliness in control-flow integrity

AU - Wang, Zhilong

AU - Liu, Peng

PY - 2021/12

Y1 - 2021/12

N2 - Performance/security trade-off is widely noticed in CFI research, however, we observe that not every CFI scheme is subject to the trade-off. Motivated by the key observation, we ask three questions: ➊ does trade-off really exist in different CFI schemes? ➋ if trade-off do exist, how do previous works comply with it? ➌ how can it inspire future research? Although the three questions probably cannot be directly answered, they are inspiring. We find that a deeper understanding of the nature of the trade-off will help answer the three questions. Accordingly, we proposed the GPT conjecture to pinpoint the trade-off in designing CFI schemes, which says that at most two out of three properties (fine granularity, acceptable performance, and preventive protection) could be achieved.

AB - Performance/security trade-off is widely noticed in CFI research, however, we observe that not every CFI scheme is subject to the trade-off. Motivated by the key observation, we ask three questions: ➊ does trade-off really exist in different CFI schemes? ➋ if trade-off do exist, how do previous works comply with it? ➌ how can it inspire future research? Although the three questions probably cannot be directly answered, they are inspiring. We find that a deeper understanding of the nature of the trade-off will help answer the three questions. Accordingly, we proposed the GPT conjecture to pinpoint the trade-off in designing CFI schemes, which says that at most two out of three properties (fine granularity, acceptable performance, and preventive protection) could be achieved.

UR - https://www.scopus.com/pages/publications/85115047840

UR - https://www.scopus.com/pages/publications/85115047840#tab=citedBy

U2 - 10.1186/s42400-021-00098-2

DO - 10.1186/s42400-021-00098-2

M3 - Article

AN - SCOPUS:85115047840

SN - 2096-4862

VL - 4

JO - Cybersecurity

JF - Cybersecurity

IS - 1

M1 - 33

ER -

Position paper: GPT conjecture: understanding the trade-offs between granularity, performance and timeliness in control-flow integrity

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this