Intel Designs Chips to Protect from ROP Attacks

CET features finally come to market!

Intel comes late to the game but will be delivering an embedded defense for Return Oriented Programming (ROP) types of cyber hacks. I first blogged about this back in Sept of 2016. Yes, almost four years have passed and I had hoped it would see the light of day much earlier.

The feature, to debut in the Tiger Lake microarchitecture in 2021 according to Intel, will be marketed as a Control-Flow Enforcement Technology (CET) that is designed to disrupt a class of exploits that seek to leverage bits of code that are already trusted. These ROP attacks use chunks of code from other software and hobble them together to create a malicious outcome. In the hacking world, it is similar to Frankenstein’s monster, where something grotesque is assembled from various innocent parts. ROP hacking techniques are great at evading detection and therefore a favorite among the higher classes of skilled threat actors.

Embedding the CET feature into the hardware and firmware provides a few advantages over trying to mitigate these attacks solely at the operating system level. First, there is the performance factor. Code that is specifically optimized by hardware moves significantly faster than traditional software components, so this should have a much less impact on system…