Conference Proceeding Article
Since the day it was proposed, return-oriented programming has shown to be an effective and powerful attack technique against the write or execute only (W ⊕ X) protection. However, a general belief in the previous research is, systems deployed with address space randomization where the executables are also randomized at run-time are able to defend against return-oriented programming, as the addresses of all instructions are randomized. In this paper, we show that due to the weakness of current address space randomization technique, there are still ways of launching return-oriented programming attacks against those well-protected systems efficiently. We demonstrate and evaluate our attacks with existing typical web server applications and discuss possible methods of mitigating such threats.
address space randomization, position independent executable, return-oriented programming
Information Security and Trust
TrustCom 2011: International Joint Conference of IEEE TrustCom-11, IEEE ICESS-11 / FCST-11: 16-19 November 2011, Changsha, Hunan
City or Country
LIU, Limin; Han, JIN; GAO, Debin; JING, Jiwu; and ZHA, Daren.
Launching Return-Oriented Programming Attacks against Randomized Relocatable Executables. (2011). TrustCom 2011: International Joint Conference of IEEE TrustCom-11, IEEE ICESS-11 / FCST-11: 16-19 November 2011, Changsha, Hunan. 37-44. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/2007
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.