Return-oriented programming without returns
We show that on both the x86 and ARM architectures it is possible to mount return-oriented
programming attacks without using return instructions. Our attacks instead make use of …
Return-oriented programming: Systems, languages, and applications
We introduce return-oriented programming, a technique by which an attacker can induce
arbitrary behavior in a program whose control flow he has diverted, without injecting any …
Q: Exploit hardening made easy
Prior work has shown that return oriented programming (ROP) can be used to bypass W⊕X,
a software defense that stops shellcode, by reusing instructions from large libraries such …
ILR: Where'd my gadgets go?
Through randomization of the memory space and the confinement of code to non-data
pages, computer security researchers have made a wide range of attacks against program …
Branch regulation: Low-overhead protection from code reuse attacks
Code reuse attacks (CRAs) are recent security exploits that allow attackers to execute
arbitrary code on a compromised machine. CRAs, exemplified by return-oriented and jump …
Is less really more? towards better metrics for measuring security improvements realized through software debloating
Nearly all modern software suffers from bloat that negatively impacts its performance and
security. To combat this problem, several automated techniques have been proposed to …
SCRAP: Architecture for signature-based protection from code reuse attacks
M Kayaalp, T Schmitt, J Nomani… - 2013 IEEE 19th …, 2013 - ieeexplore.ieee.org
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs
construct malicious programs out of small fragments (gadgets) of existing code, thus …
ILR: Where'd My Gadgets Go?
JW Davidson, M Hall, A Nguyen-Tuong… - 2012 IEEE Symposium …, 2012 - computer.org
Through randomization of the memory space and the confinement of code to non-data
pages, computer security researchers have made a wide range of attacks against program …
A Framework for Automated Architecture-Independent Gadget Search
T Dullien, T Kornau, RP Weinmann - 4th USENIX Workshop on Offensive …, 2010 - usenix.org
We demonstrate that automated, architecture-independent gadget search is possible.
Gadgets are code fragments which can be used to build unintended programs from existing …
Efficiently securing systems from code reuse attacks
Code reuse attacks (CRAs) are recent security exploits that allow attackers to execute
arbitrary code on a compromised machine. CRAs, exemplified by return-oriented and jump …