The Continuing Arms Race in Memory: Return-Oriented Programming Attacks and Defenses - Invited Talk

Author(s):

Davi, Lucas

Name of Event:

Computer Science Forum (CS Forum) at Aalto University

Location:

Helsinki, Finland

Date:

21.04.2016

Abstract

Code-reuse attacks such as return-oriented programming constitute a powerful zero-day exploitation technique that is frequently leveraged to compromise software on a wide range of architectures. These attacks generate malicious computation based on existing code (so-called gadgets) residing in linked libraries. The good news is that both academia and industry have proposed defense techniques to mitigate code-reuse attacks. On the other hand, a continuous arms race has evolved between attacks and defenses. In this talk, we will elaborate on the evolution of code-reuse attacks. In particular, we explore two prominent defense techniques: control-flow integrity (CFI) and code randomization. We demonstrate that existing defenses, including Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), can be bypassed with advanced code-reuse attack techniques. Further, we discuss promising research directions such as hardware-assisted defenses, attestation of a program’s control flows, and protection against these attacks at the kernel layer.