Nytro Posted November 10, 2013

Security Mitigations for Return-Oriented Programming Attacks

Abstract

With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for vulnerability exploitation. Attackers, however, have recently developed new exploitation methods which are capable of bypassing the operating system's security protection mechanisms.

In this paper we present a short summary of novel and known mitigation techniques against return-oriented programming (ROP) attacks. The techniques described in this article are related mostly to x86-32 processors and Microsoft Windows operating systems.

1 Introduction

In order to increase the security level of the operating system, Microsoft has implemented several mitigation mechanisms, such as DEP and ASLR. Data Execution Prevention (DEP) is a security feature that prohibits the application from executing code from a non-executable memory area. To exploit a vulnerability, an attacker must find an executable memory region and be able to fill it with the necessary data (e.g., shellcode instructions). Generally, achieving this goal using old exploitation techniques is made significantly more difficult with the addition of the DEP mechanism. As a result, attackers improved upon the classic "return-into-libc" technique and started using return-oriented programming (ROP) [3, 7] to bypass Data Execution Prevention.

Techniques like ROP are still based on the attacker understanding memory layout characteristics, leading Microsoft to implement Address Space Layout Randomization (ASLR) as a countermeasure. ASLR renders the layout of an application's address space less predictable because it relocates the base addresses of executable modules and other memory mappings. In order to bypass the DEP protection mechanism, the ROP technique was introduced.
In this article we present novel and known mechanisms which are created specifically to prevent attackers from exploiting vulnerabilities based on the ROP method. The presented mitigations will be divided into two general categories:

• Compiler-level mitigations — mitigations that can only be applied by the compiler or linker.
• Binary-level mitigations — mitigations that can be applied without knowing the source code of the protected code fragment.

Download: http://kryptoslogic.com/download/ROP_Whitepaper.pdf
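The post only names the two categories of mitigation. To make the "binary-level" category concrete, here is an added example (written for this page, not code from the whitepaper or from the poster) of one well-known binary-level heuristic against ROP: checking that every return target is call-preceded, i.e. that the bytes just before the address a `ret` jumps to decode as an x86-32 `call`. A legitimate return lands after a call; a gadget address usually sits after another `ret` or in the middle of an instruction. The function names, the code image and the list of return targets are all constructed for the example; the decoder recognises only the common call encodings, which is stated in the comments.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Call-preceded return check (hypothetical implementation for this example).
 * Given a code image and the offset a `ret` is about to jump to, accept only
 * if the bytes immediately before that offset form one of the common x86-32
 * `call` encodings. The rel32/disp32 immediates are opaque bytes, so this is
 * a heuristic: an attacker who controls bytes in executable memory can craft
 * a false positive, but ordinary gadgets (after a `ret`, or mid-instruction)
 * are rejected.
 */
bool is_call_preceded(const uint8_t *code, size_t len, size_t ret_off)
{
    if (ret_off > len)
        return false;

    /* E8 rel32: direct near call, 5 bytes. */
    if (ret_off >= 5 && code[ret_off - 5] == 0xE8)
        return true;

    /* FF /2, mod=11: call reg (FF D0..D7), 2 bytes. */
    if (ret_off >= 2 && code[ret_off - 2] == 0xFF &&
        (code[ret_off - 1] & 0xF8) == 0xD0)
        return true;

    /* FF /2, mod=01, no SIB: call [reg+disp8] (FF 50..57 except 54), 3 bytes. */
    if (ret_off >= 3 && code[ret_off - 3] == 0xFF &&
        (code[ret_off - 2] & 0xF8) == 0x50 && code[ret_off - 2] != 0x54)
        return true;

    /* FF 15 disp32: call [disp32], the usual import-table call, 6 bytes. */
    if (ret_off >= 6 && code[ret_off - 6] == 0xFF && code[ret_off - 5] == 0x15)
        return true;

    /* FF /2, mod=10, no SIB: call [reg+disp32] (FF 90..97 except 94), 6 bytes. */
    if (ret_off >= 6 && code[ret_off - 6] == 0xFF &&
        (code[ret_off - 5] & 0xF8) == 0x90 && code[ret_off - 5] != 0x94)
        return true;

    return false;
}

/*
 * Count how many pending return targets fail the check. In a real monitor the
 * targets would be the return addresses seen on the stack, or in the CPU's
 * branch-record buffer, when a sensitive API is reached; a non-zero count is
 * the signal that a ROP chain is executing.
 */
size_t count_suspicious_returns(const uint8_t *code, size_t len,
                                const size_t *targets, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (!is_call_preceded(code, len, targets[i]))
            bad++;
    return bad;
}

/* Constructed x86-32 code image (not taken from any real binary):
 *  0: 55              push ebp
 *  1: 89 e5           mov  ebp, esp
 *  3: e8 10 00 00 00  call +0x10
 *  8: 83 c4 04        add  esp, 4
 * 11: ff d0           call eax
 * 13: c3              ret
 * 14: 5d              pop  ebp          <- "pop ebp; ret" gadget
 * 15: c3              ret
 */
const uint8_t sample_code[] = {
    0x55, 0x89, 0xE5, 0xE8, 0x10, 0x00, 0x00, 0x00,
    0x83, 0xC4, 0x04, 0xFF, 0xD0, 0xC3, 0x5D, 0xC3
};
const size_t sample_code_len = sizeof sample_code;

int main(void)
{
    /* Two legitimate return sites (offsets 8 and 13, right after each call)
     * and two gadget addresses (offsets 14 and 15). */
    size_t targets[] = { 8, 13, 14, 15 };
    size_t bad = count_suspicious_returns(sample_code, sample_code_len, targets, 4);
    printf("%zu of 4 return targets are not call-preceded\n", bad); /* 2 of 4 */
    return 0;
}
```

The check is cheap enough to run at every sensitive API call, which is why it fits the binary-level category: it needs only the code bytes, not the source. Its weakness is equally visible in the code: any gadget that happens to follow a byte sequence decoding as `call` passes, so in practice it is combined with other heuristics rather than relied on alone.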