Return-Oriented Programming without Returns on ARM
نویسندگان
چکیده
In this paper we present a novel and general memory-related attack method on ARM-based computing platforms. Our attack deploys the principles of return-oriented programming (ROP), however, in contrast to conventional ROP, it exploits jumps instead of returns, and hence it can not be detected by return address checkers. Although a similar attack has been recently proposed for Intel x86, it was unclear if the attack technique can be deployed to ARM-based computing platforms as well. Developing a jump-based attack on ARM is more involved, because ARM is based on a RSIC architecture which differs in many aspects from Intel’s x86 architecture. Nevertheless, we show a Turing-complete attack that can induce arbitrary change of behavior in running programs without requiring code injection. As proof of concept, we instantiate our attack method on the Android platform.
منابع مشابه
Escape From Return-Oriented Programming: Return-oriented Programming without Returns (on the x86)
We show that on the x86 it is possible to mount a return-oriented programming attack without using any return instructions. Our new attack instead makes use of certain instruction sequences that behave like a return; we show that these sequences occur with sufficient frequency in large Linux libraries to allow creation of a Turing-complete gadget set. Because it does not make use of return inst...
متن کاملAggrandizing the beast's limbs: patulous code reuse attack on ARM architecture
Since smartphones are usually personal devices full of private information, they are a popular target for a vast variety of real-world attacks such as Code Reuse Attack (CRA). CRAs enable attackers to execute any arbitrary algorithm on a device without injecting an executable code. Since the standard platform for mobile devices is ARM architecture, we concentrate on available ARM-based CRAs. Cu...
متن کاملAn input-oriented radial measure for returns to scale aggregation.
In production theory, it is necessary to be capable of predicting the production func- tion’s long-run behaviors. Hereof, returns to scale is a helpful concept. Returns to scale describes the reaction of a production function to the proportionally scaling all its input variables. In this regard, Data envelopment analysis (DEA) provides a com- prehensive framework for returns to scale evaluation...
متن کاملAn enhanced reliability-oriented workforce planning model for process industry using combined fuzzy goal programming and differential evolution approach
This paper draws on the “human reliability” concept as a structure for gaining insight into the maintenance workforce assessment in a process industry. Human reliability hinges on developing the reliability of humans to a threshold that guides the maintenance workforce to execute accurate decisions within the limits of resources and time allocations. This concept offers a worthwhile point of de...
متن کاملEvolution and anti-evolution in a minimal stock market model
We present a novel microscopic stock market model consisting of a large number of random agents modeling traders in a market. Each agent is characterized by a set of parameters that serve to make iterated predictions of two successive returns. The future price is determined according to the offer and the demand of all agents. The system evolves by redistributing the capital among the agents in ...
متن کامل