Assessing the Attack Surface Reduction in Exe- cutables for an Advanced Code Reuse Attack
نویسندگان
چکیده
Nowadays control-flow hijacking attacks represents the highest software-based security threat [16]. For this reason we want to develop a tool that can asses the attack surface reduction (Q: Which useful code parts for an attack are still available after a hardening policy was applied to an executable?) w.r.t. the attack dubbed, Counterfeit Object-Oriented Programming (COOP) [8]. This attack is particularly hard to defend against since coarse-grained Control Flow Integrity (CFI) [1] approaches and hardware based shadow stacks, Intel CET [17], are useless. For this reason we want to asses what is protected and what not in an executable w.r.t. the COOP attack.
منابع مشابه
Aggrandizing the beast's limbs: patulous code reuse attack on ARM architecture
Since smartphones are usually personal devices full of private information, they are a popular target for a vast variety of real-world attacks such as Code Reuse Attack (CRA). CRAs enable attackers to execute any arbitrary algorithm on a device without injecting an executable code. Since the standard platform for mobile devices is ARM architecture, we concentrate on available ARM-based CRAs. Cu...
متن کاملDwarf Frankenstein is still in your memory: tiny code reuse attacks
Code reuse attacks such as return oriented programming and jump oriented programming are the most popular exploitation methods among attackers. A large number of practical and non-practical defenses are proposed that differ in their overhead, the source code requirement, detection rate and implementation dependencies. However, a usual aspect among these methods is consideration of the common be...
متن کاملImpact of Body on the Tail Surface Flowfield at High Incidences
An experimental study was performed to investigate the effects of the body angle of attack on the tail surface pressure distribution for a half body-tail combination in subsonic flow. The results show, in small deflection angle regions, that the tail deflection has the same effect on the surface pressure as the body angle of attack. However at moderate to high deflections, the flowfiled caused ...
متن کاملTime and Space Complexity Reduction of a Cryptanalysis Algorithm
Binary Decision Diagram (in short BDD) is an efficient data structure which has been used widely in computer science and engineering. BDD-based attack in key stream cryptanalysis is one of the best forms of attack in its category. In this paper, we propose a new key stream attack which is based on ZDD(Zero-suppressed BDD). We show how a ZDD-based key stream attack is more efficient in time and ...
متن کاملTime and Space Complexity Reduction of a Cryptanalysis Algorithm
Binary Decision Diagram (in short BDD) is an efficient data structure which has been used widely in computer science and engineering. BDD-based attack in key stream cryptanalysis is one of the best forms of attack in its category. In this paper, we propose a new key stream attack which is based on ZDD(Zero-suppressed BDD). We show how a ZDD-based key stream attack is more efficient in time and ...
متن کامل