Transparent detection and extraction of return-oriented-programming attacks
作者: Junghwan Rhee , Guofei Jiang , Zhenyu Wu , Zhichun Li , Hui Zhang
DOI:
关键词:
摘要: Systems and methods for detection prevention of Return-Oriented-Programming (ROP) attacks in one or more applications, including an attack device a stack inspection performing to detect ROP gadgets stack. The includes walking from frame at top the toward bottom failure conditions, determining whether valid return code address is present; condition type if no present, with Type III conditions indicating attack. contained using containment device, detected during are analyzed analysis device.
lens.org 参考文章(16)
Bernd Greifeneder, Stefan Chiettini, Christian Schwarzbauer, Erich Georg Hochmuth, Jurgen Richtsfeld, Method And System For Transaction Controlled Sampling Of Distributed Heterogeneous Transactions Without Source Code Modifications ,(2016)
Uday Savagaonkar, Vedvyas Shanbhogue, Ravi Sahita, Jason Brandt, Using software having control transfer termination instructions with software not having control transfer termination instructions ,(2013)
Georg Wicherski, Threat detection for return oriented programming ,(2013)
Daavid Hentunen, Detecting a return-oriented programming exploit ,(2010)
Gregory W. Dalcher, System and method for indirect interface monitoring and plumb-lining ,(2012)
Arun Balakrishnan, Renwei Ge, Alexander Gantman, Yinian Mao, Daniel Komaromy, Brian M. Rosenberg, Anand Palanigounder, Dynamic execution prevention to inhibit return-oriented programming ,(2013)
Arun Balakrishnan, Renwei Ge, Alexander Gantman, Gregory Rose, Daniel Komaromy, Brian Rosenberg, Anand Palanigounder, Methods, devices, and systems for detecting return-oriented programming exploits ,(2012)
Arvind Krishnaswamy, Ashish Venkat, Koichi Yamada, Palanivelrajan Rajan Shanmugavelayutham, Binary translator driven program state relocation ,(2014)
Benedetto Voltattorni, Marco Bizzarri, Johannes Mayr, Marco Giuliani, Detecting and preventing execution of software exploits ,(2015)
Stephen A. Fischer, Protection Against Return Oriented Programming Attacks ,(2013)