English
Related papers

Related papers: MAJORCA: Multi-Architecture JOP and ROP Chain Asse…

200 papers

Return-oriented programming (ROP) is a code reuse attack that chains short snippets of existing code to perform arbitrary operations on target machines. Existing detection methods against ROP exhibit unsatisfactory detection accuracy and/or…

Cryptography and Security · Computer Science 2024-02-14 Xusheng Li , Zhisheng Hu , Haizhou Wang , Yiwei Fu , Ping Chen , Minghui Zhu , Peng Liu

This paper provides a survey of methods and tools for automated code-reuse exploit generation. Such exploits use code that is already contained in a vulnerable program. The code-reuse approach allows one to exploit vulnerabilities in the…

Cryptography and Security · Computer Science 2021-07-23 Alexey Vishnyakov , Alexey Nurmukhametov

Return-Oriented Programming (ROP) is a software exploit for system compromise. By chaining short instruction sequences from existing code pieces, ROP can bypass static code-integrity checking approaches and non-executable page protections.…

Cryptography and Security · Computer Science 2016-09-12 Xueyang Wang , Jerry Backer

Control Flow Hijacking attacks have posed a serious threat to the security of applications for a long time where an attacker can damage the control Flow Integrity of the program and execute arbitrary code. These attacks can be performed by…

Cryptography and Security · Computer Science 2021-11-08 Ayush Bansal , Debadatta Mishra

Software ecosystems like Maven Central play a crucial role in modern software supply chains by providing repositories for libraries and build plugins. However, the separation between binaries and their corresponding source code in Maven…

Cryptography and Security · Computer Science 2025-09-11 Behnaz Hassanshahi , Trong Nhan Mai , Benjamin Selwyn Smith , Nicholas Allen

Return-Oriented Programming (ROP) is a typical attack technique that exploits return addresses to abuse existing code repeatedly. Most of the current return address protecting mechanisms (also known as the Backward-Edge Control-Flow…

Cryptography and Security · Computer Science 2020-07-16 Jinfeng Li , Liwei Chen , Qizhen Xu , Linan Tian , Gang Shi , Kai Chen , Dan Meng

Control-flow attacks, usually achieved by exploiting a buffer-overflow vulnerability, have been a serious threat to system security for over fifteen years. Researchers have answered the threat with various mitigation techniques, but…

Cryptography and Security · Computer Science 2015-04-10 Andreas Follner , Eric Bodden

Recently, code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (JOP), have emerged as a new class of ingenious security threatens. Attackers can utilize CRAs to hijack the control flow of…

Cryptography and Security · Computer Science 2018-09-20 Jiliang Zhang , Binhang Qi , Gang Qu

Current low-level exploits often rely on code-reuse, whereby short sections of code (gadgets) are chained together into a coherent exploit that can be executed without the need to inject any code. Several protection mechanisms attempt to…

Software Engineering · Computer Science 2016-05-27 Andreas Follner , Alexandre Bartel , Eric Bodden

This paper provides the first analysis on the feasibility of Return-Oriented Programming (ROP) on RISC-V, a new instruction set architecture targeting embedded systems. We show the existence of a new class of gadgets, using several Linear…

Cryptography and Security · Computer Science 2021-03-16 Georges-Axel Jaloyan , Konstantinos Markantonakis , Raja Naeem Akram , David Robin , Keith Mayes , David Naccache

Just-in-time return-oriented programming (JIT-ROP) allows one to dynamically discover instruction pages and launch code reuse attacks, effectively bypassing most fine-grained address space layout randomization (ASLR) protection. However,…

Cryptography and Security · Computer Science 2020-06-16 Salman Ahmed , Ya Xiao , Gang Tan , Kevin Snow , Fabian Monrose , Danfeng , Yao

Return Oriented Programming (ROP) is a technique by which an attacker can induce arbitrary behavior inside a vulnerable program without injecting a malicious code. The continues failure of the currently deployed defenses against ROP has…

Cryptography and Security · Computer Science 2020-05-26 Ammari Nader , Joan Calvet , Jose M. Fernandez

Memory safety is a cornerstone of secure and robust software systems, as it prevents a wide range of vulnerabilities and exploitation techniques. Among these, we focus on Return-Oriented Programming (ROP). ROP works as such: the attacker…

Cryptography and Security · Computer Science 2023-11-03 Federico Cassano , Charles Bershatsky , Jacob Ginesin , Sasha Bashenko

Software obfuscation plays a crucial role in protecting intellectual property in software from reverse engineering attempts. While some obfuscation techniques originate from the obfuscation-reverse engineering arms race, others stem from…

Cryptography and Security · Computer Science 2023-04-05 Giulio De Pasquale , Fukutomo Nakanishi , Daniele Ferla , Lorenzo Cavallaro

Myopic Optimization with Non-myopic Approval (MONA) mitigates multi-step reward hacking by restricting the agent's planning horizon while supplying far-sighted approval as a training signal~\cite{farquhar2025mona}. The original paper…

Artificial Intelligence · Computer Science 2026-04-01 Nathan Heath

We introduce PyRCA, an open-source Python machine learning library of Root Cause Analysis (RCA) for Artificial Intelligence for IT Operations (AIOps). It provides a holistic framework to uncover the complicated metric causal dependencies…

Artificial Intelligence · Computer Science 2023-06-21 Chenghao Liu , Wenzhuo Yang , Himanshu Mittal , Manpreet Singh , Doyen Sahoo , Steven C. H. Hoi

RISC-V is an open-source hardware ISA based on the RISC design principles, and has been the subject of some novel ROP mitigation technique proposals due to its open-source nature. However, very little work has actually evaluated whether…

Cryptography and Security · Computer Science 2020-07-31 Garrett Gu , Hovav Shacham

The increasing complexity of software supply chains and the rise of supply chain attacks have elevated concerns around software integrity. Users and stakeholders face significant challenges in validating that a given software artifact…

Software Engineering · Computer Science 2025-11-12 Aman Sharma , Benoit Baudry , Martin Monperrus

The wide-spread adoption of system defenses such as the randomization of code, stack, and heap raises the bar for code-reuse attacks. Thus, attackers utilize a scripting engine in target programs like a web browser to prepare the code-reuse…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Philipp Koppe , Thorsten Holz

Microservice architectures promote small, independently developed services, but increase overall architectural complexity. It is crucial that developers understand the architecture and how changes to a service affect the overall system, but…

Software Engineering · Computer Science 2026-02-10 Oscar Manglaras , Alex Farkas , Thomas Woolford , Christoph Treude , Markus Wagner
‹ Prev 1 2 3 10 Next ›