2010
DOI: 10.1007/978-3-642-17714-9_11
|View full text |Cite
|
Sign up to set email alerts
|

Efficient Detection of the Return-Oriented Programming Malicious Code

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
12
0

Year Published

2012
2012
2016
2016

Publication Types

Select...
3
3
2

Relationship

0
8

Authors

Journals

citations
Cited by 20 publications
(12 citation statements)
references
References 13 publications
0
12
0
Order By: Relevance
“…Another mitigation tactic for code reuse attacks is to detect and terminate the attack as it occurs. Examples of these include DROP [11], DynIMA [14], CCFIR [43], CFL [8], ROPdefender [15], [12] and [44]. The dynamic monitoring approach used by these techniques make them unsuitable for our target platform where the processor is already at 96% usage.…”
Section: B Defensesmentioning
confidence: 99%
“…Another mitigation tactic for code reuse attacks is to detect and terminate the attack as it occurs. Examples of these include DROP [11], DynIMA [14], CCFIR [43], CFL [8], ROPdefender [15], [12] and [44]. The dynamic monitoring approach used by these techniques make them unsuitable for our target platform where the processor is already at 96% usage.…”
Section: B Defensesmentioning
confidence: 99%
“…Our work focuses on eliminating the need to transplant many of these dependencies. Return-oriented programming is a technique from computer security in which malicious software reuse "gadgets" from existing programs to confuse anti-virus software [18,4,5,3]. One key difference in our work is that we do not depend on blueprints of assembly instructions.…”
Section: Related Workmentioning
confidence: 99%
“…The third approach detects the high frequency of returns resulting from executing a ROP attack [14]. While this approach may prevent basic ROP attacks, code-reuse attacks can avoid return instructions by using indirect jumps, which are also frequently executed by legitimate programs, such as interpreters.…”
Section: Defending Against Code-reuse Attacksmentioning
confidence: 99%
“…New defense mechanisms, such as return-less kernels by Li et al [31] and frequent return detection by Chen et al [14], were proposed to defeat return-oriented programming. The former technique aims to disrupt return-oriented programming by removing all gadgets, while the latter is a runtime technique that has high overheads without direct hardware support.…”
Section: Code-reuse Attacksmentioning
confidence: 99%
See 1 more Smart Citation