Annual Computer Security Applications Conference 2015

Full Program »

A Principled Approach for ROP Defense

Return-Oriented Programming (ROP) is an effective attack
technique that can escape modern defenses such as DEP.
ROP is based on repeated abuse of existing code snippets
ending with return instructions (called gadgets), as com-
pared to using injected code. Several defense mechanisms
have been proposed to counter ROP by enforcing policies
on the targets of return instructions, and/or their frequency.
However, these policies have been repeatedly bypassed by
more advanced ROP attacks. While stricter policies have
the potential to thwart ROP, they lead to incompatibili-
ties which discourage their deployment. In this work, we
address this challenge by presenting a principled approach
for ROP defense. Our experimental evaluation shows that
our approach enforces a strong policy, while offering better
compatibility and good performance.


Rui Qiao    
Stony Brook University
United States

Mingwei Zhang    
Stony Brook University
United States

R. Sekar    
Stony Brook University
United States


Powered by OpenConf®
Copyright©2002-2015 Zakon Group LLC