Abstract
Modern runtime exploits perform malicious program actions based on the principle of code-reuse. These attacks require no code injection, bypass widely deployed defense mechanisms, allow Turing-complete computation, can be applied to many processor architectures, and are highly challenging to prevent.
Copyright information
© 2015 The Author(s)
About this chapter
Cite this chapter
Davi, L., Sadeghi, AR. (2015). Discussion and Conclusion. In: Building Secure Defenses Against Code-Reuse Attacks. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-25546-0_5
DOI: https://doi.org/10.1007/978-3-319-25546-0_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25544-6
Online ISBN: 978-3-319-25546-0
eBook Packages: Computer Science, Computer Science (R0)