Premium
An online approach to defeating ROP attacks ∗
Author(s) -
Tian Donghai,
Jia Xiaoqi,
Zhang Zhaolong,
Zhan Li,
Hu Changzhen,
Xue Jingfeng
Publication year - 2018
Publication title -
concurrency and computation: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.309
H-Index - 67
eISSN - 1532-0634
pISSN - 1532-0626
DOI - 10.1002/cpe.4775
Subject(s) - computer science , computer security , embedded system
Summary Return‐Oriented Programming (ROP) attacks become very popular in recent years as these attacks can bypass traditional defense mechanisms such as data execution prevention (DEP) effectively. Previous solutions suffer from limitations in that: 1) some methods need to modify the target programs; 2) some methods introduce considerable performance cost; 3) some methods rely on the special hardware; and 4) ,most of existing methods could not provide an online protection for the target processes. In this paper, we present OnRop, an on‐the‐fly ROP attack protection system by using the commodity hardware features and OS internal facilities. Our system is compatible with the existing programs, and its protection layer can be added on demand. The experiments show that OnRop can detect ROP attacks effectively with moderate performance cost.