English
Related papers

Related papers: Return Oriented Programming - Exploit Implementati…

200 papers

Return Oriented Programming (ROP) is a technique by which an attacker can induce arbitrary behavior inside a vulnerable program without injecting a malicious code. The continues failure of the currently deployed defenses against ROP has…

Cryptography and Security · Computer Science 2020-05-26 Ammari Nader , Joan Calvet , Jose M. Fernandez

With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for…

Cryptography and Security · Computer Science 2010-08-25 Piotr Bania

Control Flow Hijacking attacks have posed a serious threat to the security of applications for a long time where an attacker can damage the control Flow Integrity of the program and execute arbitrary code. These attacks can be performed by…

Cryptography and Security · Computer Science 2021-11-08 Ayush Bansal , Debadatta Mishra

Largely known for attack scenarios, code reuse techniques at a closer look reveal properties that are appealing also for program obfuscation. We explore the popular return-oriented programming paradigm under this light, transforming program…

Cryptography and Security · Computer Science 2021-08-12 Pietro Borrello , Emilio Coppa , Daniele Cono D'Elia

This paper shows how the Xtensa architecture can be attacked with Return-Oriented-Programming (ROP). The presented techniques include possibilities for both supported Application Binary Interfaces (ABIs). Especially for the windowed ABI a…

Cryptography and Security · Computer Science 2022-01-19 Kai Lehniger , Marcin J. Aftowicz , Peter Langendörfer , Zoya Dyka

Return-Oriented Programming (ROP) is a typical attack technique that exploits return addresses to abuse existing code repeatedly. Most of the current return address protecting mechanisms (also known as the Backward-Edge Control-Flow…

Cryptography and Security · Computer Science 2020-07-16 Jinfeng Li , Liwei Chen , Qizhen Xu , Linan Tian , Gang Shi , Kai Chen , Dan Meng

Software obfuscation plays a crucial role in protecting intellectual property in software from reverse engineering attempts. While some obfuscation techniques originate from the obfuscation-reverse engineering arms race, others stem from…

Cryptography and Security · Computer Science 2023-04-05 Giulio De Pasquale , Fukutomo Nakanishi , Daniele Ferla , Lorenzo Cavallaro

Return-oriented programming (ROP) is a code reuse attack that chains short snippets of existing code to perform arbitrary operations on target machines. Existing detection methods against ROP exhibit unsatisfactory detection accuracy and/or…

Cryptography and Security · Computer Science 2024-02-14 Xusheng Li , Zhisheng Hu , Haizhou Wang , Yiwei Fu , Ping Chen , Minghui Zhu , Peng Liu

High-level reversible programming languages are few and far between and in general offer only rudimentary abstractions from the details of the underlying machine. Modern programming languages offer a wide array of language constructs and…

Programming Languages · Computer Science 2017-07-26 Tue Haulund

Defense techniques such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) were the early role models preventing primitive code injection and return-oriented programming (ROP) attacks. Notably, these techniques…

Cryptography and Security · Computer Science 2019-09-23 Christopher Jelesnianski , Jinwoo Yom , Changwoo Min , Yeongjin Jang

Many Large Language Models (LLMs) and LLM-powered apps deployed today use some form of prompt filter or alignment to protect their integrity. However, these measures aren't foolproof. This paper introduces KROP, a prompt injection technique…

Cryptography and Security · Computer Science 2024-06-19 Jason Martin , Kenneth Yeung

Object-oriented programming (OOP) is aimed at describing the structure and behaviour of objects by hiding the mechanism of their representation and access in primitive references. In this article we describe an approach, called…

Programming Languages · Computer Science 2010-09-28 Alexandr Savinov

In this paper, we introduce a formal notion of partial compliance, called Attack-resistance, of a computer program running together with a defense mechanism w.r.t a non-exploitability specification. In our setting, a program may contain…

Cryptography and Security · Computer Science 2015-06-15 Vijay Ganesh , Sebastian Banescu , Martín Ochoa

Just-in-time return-oriented programming (JIT-ROP) allows one to dynamically discover instruction pages and launch code reuse attacks, effectively bypassing most fine-grained address space layout randomization (ASLR) protection. However,…

Cryptography and Security · Computer Science 2020-06-16 Salman Ahmed , Ya Xiao , Gang Tan , Kevin Snow , Fabian Monrose , Danfeng , Yao

Data-oriented attacks manipulate non-control data to alter a program's benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow…

Cryptography and Security · Computer Science 2019-03-26 Long Cheng , Hans Liljestrand , Thomas Nyman , Yu Tsung Lee , Danfeng Yao , Trent Jaeger , N. Asokan

Optical Character Recognition (OCR) is a widely used tool to extract text from scanned documents. Today, the state-of-the-art is achieved by exploiting deep neural networks. However, the cost of this performance is paid at the price of…

Cryptography and Security · Computer Science 2023-10-13 Mauro Conti , Nicola Farronato , Stefanos Koffas , Luca Pajola , Stjepan Picek

Consumer and defense systems demanded design and manufacturing of electronics with increased performance, compared to their predecessors. As such systems became ubiquitous in a plethora of domains, their application surface increased, thus…

Cryptography and Security · Computer Science 2022-08-19 Abhijitt Dhavlle

Return-Oriented Programming (ROP) is a software exploit for system compromise. By chaining short instruction sequences from existing code pieces, ROP can bypass static code-integrity checking approaches and non-executable page protections.…

Cryptography and Security · Computer Science 2016-09-12 Xueyang Wang , Jerry Backer

A number of online services nowadays rely upon machine learning to extract valuable information from data collected in the wild. This exposes learning algorithms to the threat of data poisoning, i.e., a coordinate attack in which a fraction…

Cybercriminals use Return Oriented Programming techniques to attack systems and IoT devices. While defenses have been developed, not all of them are applicable to constrained devices. We present Shakedown, which is a compile-time…

Cryptography and Security · Computer Science 2018-10-12 Fady Copty , Francisco Hernandez , Dov Murik , Olmo Rayón
‹ Prev 1 2 3 10 Next ›