ROP is still dangerous: breaking modern defenses 论文

2014引用 270

Security and Verification in ComputingAdvanced Malware Detection TechniquesDiamond and Carbon-based Materials Research

网络安全 Security and Verification in Computing Advanced Malware Detection Techniques Diamond and Carbon-based Materials Research

关系图谱

作者

摘要

Return Oriented Programming (ROP) has become the exploitation technique of choice for modern memory-safety vulnerability attacks. Recently, there have been multiple attempts at defenses to prevent ROP attacks. In this paper, we introduce three new attack methods that break many existing ROP defenses. Then we show how to break kBouncer and ROPecker, two recent low-overhead defenses that can be applied to legacy software on existing hardware. We examine several recent ROP attacks seen in the wild and demonstrate that our techniques successfully cloak them so they are not detected by these defenses. Our attacks apply to many CFI-based defenses which we argue are weaker than previously thought. Future defenses will need to take our attacks into account. 1

作者查看全部 (1)

Nicholas Carlini

ROP is still dangerous: breaking modern defenses 论文

详细信息

摘要

作者查看全部 (1)

相关技术查看全部 (1)

相关事件

相关文章