Nytro Posted November 10, 2013 Report Share Posted November 10, 2013 ROPdefender: A Detection Tool to Defend AgainstReturn-Oriented Programming AttacksABSTRACTModern runtime attacks increasingly make use of the pow-erful return-oriented programming (ROP) attack techniquesand principles such as recent attacks on Apple iPhone andAcrobat products to name some. These attacks even workunder the presence of modern memory protection mecha-nisms such as data execution prevention (DEP). In this pa-per, we present our tool, ROPdefender, that dynamically de-tects conventional ROP attacks (that are based on return in-structions). In contrast to existing solutions, ROPdefendercan be immediately deployed by end-users, since it does notrely on side information (e.g., source code or debugging in-formation) which are rarely provided in practice. Currently,our tool adds a runtime overhead of 2x which is comparableto similar instrumentation-based tools.1. INTRODUCTIONRuntime attacks on software aim at subverting the execu-tion ow of a program by redirecting execution to maliciouscode injected by the adversary. Typically, the control-owof a program is subverted by exploiting memory vulnera-bilities. Despite extensive research and many proposed so-lutions in the last decades, such vulnerabilities ) are still the main source of vulnerabilities in to-day's applications. Figure 1 shows that the number of buerover ow vulnerabilities (according to the NIST1 Vulnerabil-ity database) continues to range from 600 to 700 per year.Operating systems and processor manufactures providesolutions to mitigate these kinds of attacks through theW X (Writable XOR Executable) security model [49, 43],which prevents an adversary from executing malicious codeby marking a memory page either writable or executable.Current Windows versions (such as Windows XP, Vista, orWindows 7) enable W X (named data execution preven-tion (DEP) [43] in the Windows world) by default.Download:http://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/ropdefender.pdf Quote Link to comment Share on other sites More sharing options...
