LGadget: ROP Exploit based on Long Instruction Sequences
Authors
Abstract
Since ROP (Return Oriented Programming) was put forward, it has broken the limits of protection strategies against malware. Its finer granularity of control and complete expressiveness make traditional defenses against control-flow attacks fail. In recent years, defenses against ROP have made some progress. Some detection methods based on the short length of gadgets in ROP shellcode largely limit ROP. In this paper, we propose a new way of generating ROP shellcode from long instruction sequences, called LGadgets, and design an algorithm to recognize the register dependencies among instructions in LGadgets. Moreover, we build a Turing-complete instruction set based on LGadgets. Using this Turing-complete set, we construct a ROP exploit that can bypass the above-mentioned detection methods.
Keywords: ROP, program security, LGadget, Turing-complete
Similar sources
Learning how to prevent return-oriented programming efficiently
The discovery of recent zero-day exploits against Microsoft Word, Adobe Flash Player and Internet Explorer demonstrates that return-oriented programming (ROP) is the most severe threat to software system security. Microsoft's 2013 Software Vulnerability Exploitation trend report found that 73% of all vulnerabilities are exploited via ROP. The core idea of ROP is to exploit the presence of so-cal...
SIGDROP: Signature-based ROP Detection using Hardware Performance Counters
Return-Oriented Programming (ROP) is a software exploit for system compromise. By chaining short instruction sequences from existing code pieces, ROP can bypass static code-integrity checking approaches and non-executable page protections. Existing defenses either require access to source code or binary, a customized compiler or hardware modifications, or suffer from high performance and storag...
kBouncer: Efficient and Transparent ROP Mitigation
The wide adoption of non-executable page protections in recent versions of popular operating systems has given rise to attacks that employ return-oriented programming (ROP) to achieve arbitrary code execution without the injection of any code. Existing defenses against ROP exploits either require source code or symbolic debugging information, impose a significant runtime overhead, which limits ...
Chronomorphic Programs: Using Runtime Diversity to Prevent Code Reuse Attacks
Return Oriented Programming (ROP) attacks, in which a cyber attacker crafts an exploit from instruction sequences already contained in a running binary, have become popular and practical. While previous research has investigated software diversity and dynamic binary instrumentation for defending against ROP, many of these approaches incur large performance costs or are susceptible to Blind ROP ...
Developing EFL Learners' Oral Proficiency through Animation-based Instruction of English Formulaic Sequences
The current pretest-posttest quasi-experimental study attempts, firstly, to probe the effects of teaching formulaic sequences (FSs) on second or foreign language (L2) learners' oral proficiency improvement and, secondly, to examine whether teaching FSs through different resources (i.e. animation vs. text-based readings) has any differentially influential effects in augmenting L2 l...
Publication date: 2013