Indirect Branch Validation Unit

Gyungho Lee, Yixin Shi, Hui Lin

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


This paper presents a micro-architectural enhancement, named Indirect Branch Validation Unit (IBVU), to prevent malicious attacks from compromising the control data of the program. The IBVU provides a run-time control flow protection by validating a dynamic instance of an indirect branch's address and its target address - indirect branch pair (IBP), which represents the program behavior. To validate an IBP at run-time with little performance and storage overhead, the IBVU employs a Bloom filter, a hashing based bit vector representation for querying a set membership. Two organizations trading off of the access delay and space in VLSI design are provided, and three commonly used hashing schemes are evaluated for the performance impact as well as the area overhead. Recognizing potential false positives from adopting the Bloom filter, consideration of reducing it per the Bloom filter's design parameters is discussed, while the difficulty of utilizing the false positives due to hashing based indexing of the Bloom filter for malicious attack is noted.

Original languageEnglish
Pages (from-to)461-468
Number of pages8
JournalMicroprocessors and Microsystems
Issue number7-8
Publication statusPublished - 2009 Oct


  • Branch prediction
  • Control data
  • Indirect branch
  • Software attack

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications
  • Artificial Intelligence


Dive into the research topics of 'Indirect Branch Validation Unit'. Together they form a unique fingerprint.

Cite this