Intel is gearing up to launch a new security capability intended to bring about dramatic reductions in control-flow hijacking. Named Intel Control-Flow Enforcement Technology (Intel CET), it has been designed to prevent the misuse of legitimate code, which should prove a remarkable deterrent against control-flow hijacking attacks. This attack technique has become prevalent across large classes of malware, and mitigating it with software alone has been a formidable challenge for the tech community.
Intel CET will provide CPU-level security capabilities on Intel’s newly designed mobile processor, code-named Tiger Lake.
Over the years, computer security has become more and more sophisticated, but these advancements have also increased the resources available to hackers. Modern-day hackers are much more resourceful and capable of finding ways to bypass security protections. For instance, they can exploit memory-safety bugs to penetrate a system. Return Oriented Programming (ROP) and Jump Oriented Programming (JOP) are particularly popular amongst hackers. JOP and ROP attacks can be extremely challenging to identify or prevent, primarily because the hacker reuses existing code that is already in executable memory and creatively alters the program's behavior.
Intel CET provides software developers with two major strategies to put up a strong defense against control-flow hijacking malware:
- Indirect branch tracking
- Shadow stack
Indirect branch tracking provides indirect branch protection, which creates a strong defense against JOP attack strategies. Shadow stack provides return address protection, which defends against ROP attack strategies. More importantly, these two strategies are built into the hardware, which gives them a clear advantage over software-only defenses when it comes to tackling threats at their source.
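The two checks can be pictured with a small software model. The C below is an added illustration, not Intel's code or part of the original article: the `toy_cpu` structure, the function names, the addresses and the landing-pad table are all constructed for the example, and the real checks are performed by the processor (a return address kept on a second, protected stack, and indirect branches allowed only onto instructions marked with ENDBR).

```c
/* Toy model of the two CET checks; constructed for illustration, not Intel's implementation. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DEPTH 16
enum cet_result { CET_OK, CET_FAULT_SHADOW_STACK, CET_FAULT_IBT, CET_ERR };

struct toy_cpu {
    uint64_t stack[DEPTH];   /* ordinary stack: program data can overwrite it */
    uint64_t shadow[DEPTH];  /* shadow stack: only toy_call/toy_ret touch it */
    size_t sp, ssp;
};

/* CALL: the return address is pushed to both stacks. */
enum cet_result toy_call(struct toy_cpu *c, uint64_t ret_addr) {
    if (c->sp == DEPTH || c->ssp == DEPTH) return CET_ERR;
    c->stack[c->sp++] = ret_addr;
    c->shadow[c->ssp++] = ret_addr;
    return CET_OK;
}

/* RET: both copies are popped and must match, otherwise the return faults. */
enum cet_result toy_ret(struct toy_cpu *c, uint64_t *target) {
    if (c->sp == 0 || c->ssp == 0) return CET_ERR;
    uint64_t from_stack = c->stack[--c->sp];
    uint64_t from_shadow = c->shadow[--c->ssp];
    if (from_stack != from_shadow) return CET_FAULT_SHADOW_STACK;
    *target = from_stack;
    return CET_OK;
}

/* Indirect branch: the target must be a marked landing pad (ENDBR on real hardware). */
enum cet_result toy_indirect_branch(const uint8_t *landing_pad, size_t n, size_t target) {
    if (target >= n) return CET_ERR;
    return landing_pad[target] ? CET_OK : CET_FAULT_IBT;
}

/* Constructed scenario: a memory-safety bug rewrites the saved return address. */
enum cet_result demo_corrupted_return(void) {
    struct toy_cpu c = {0};
    uint64_t target = 0;
    toy_call(&c, 0x401000);          /* constructed address */
    c.stack[c.sp - 1] = 0x402abc;    /* simulated overwrite of the ordinary stack */
    return toy_ret(&c, &target);     /* CET_FAULT_SHADOW_STACK */
}

int main(void) {
    const uint8_t pads[4] = {1, 0, 0, 1}; /* constructed: offsets 0 and 3 are valid targets */
    printf("ret: %d, jump to 1: %d, jump to 3: %d\n", demo_corrupted_return(),
           toy_indirect_branch(pads, 4, 1), toy_indirect_branch(pads, 4, 3));
    return 0;
}
```

In the model, an unmodified return address passes the comparison, while the overwritten one is rejected before control is transferred, which is the property the hardware enforces without relying on the program to check itself.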
Intel has revealed that the technology will also be made available in desktop and server platforms released in the future. It has already been collaborating with Microsoft to integrate it with Windows 10. Microsoft’s recent support for Intel CET in Windows 10 is called Hardware-enforced Stack Protection, and you can try a preview of it in Windows 10 Insider Previews right away.