Piotr Bania Chronicles
August 23rd, 2010, 01:21
ABSTRACT
With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for vulnerability exploitation. Attackers, however, have recently developed new exploitation methods which are capable of bypassing the operating system’s security protection mechanisms. In this paper we present a short summary of novel and known mitigation techniques against return-oriented programming (ROP) attacks. The techniques described in this article are related mostly to x86-32 processors and Microsoft Windows operating systems.
PAPER LINK: DOWNLOAD HERE ("http://kryptoslogic.com/download/ROP_Whitepaper.pdf")https://blogger.googleusercontent.com/tracker/54982665<8<43777458-598553280<597849429?l=blog.piotrbania.com
http://blog.piotrbania.com/2010/08/paper-security-mitigations-for-return.html
With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for vulnerability exploitation. Attackers, however, have recently developed new exploitation methods which are capable of bypassing the operating system’s security protection mechanisms. In this paper we present a short summary of novel and known mitigation techniques against return-oriented programming (ROP) attacks. The techniques described in this article are related mostly to x86-32 processors and Microsoft Windows operating systems.
PAPER LINK: DOWNLOAD HERE ("http://kryptoslogic.com/download/ROP_Whitepaper.pdf")https://blogger.googleusercontent.com/tracker/54982665<8<43777458-598553280<597849429?l=blog.piotrbania.com
http://blog.piotrbania.com/2010/08/paper-security-mitigations-for-return.html