Clean the Scratch Registers: A Way to Mitigate Return-Oriented Programming Attacks

With the implementation of W ⊕ X security model on computer system, Return-Oriented Programming(ROP) has become the primary exploitation technique for adversaries. Although many solutions that defend against ROP exploits have been proposed, they still suffer from various shortcomings. In this paper,...

Full description

Saved in:
Bibliographic Details
Published in2018 IEEE 29th International Conference on Application-specific Systems, Architectures and Processors (ASAP) pp. 1 - 8
Main Authors Rong, Zelin, Xie, Peidai, Wang, Jingyuan, Xu, Shenglin, Wang, Yongjun
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.07.2018
Subjects
binary instrumentation
calling convention
Kernel
Linux
Malware
Programming
Registers
ROP attack
scratch register
Security
Task analysis
Online AccessGet full text

Cover

More Information
Summary:With the implementation of W ⊕ X security model on computer system, Return-Oriented Programming(ROP) has become the primary exploitation technique for adversaries. Although many solutions that defend against ROP exploits have been proposed, they still suffer from various shortcomings. In this paper, we propose a new way to mitigate ROP attacks that are based on return instructions. We clean the scratch registers which are also the parameter registers based on the features of ROP malicious code and calling convention. A prototype is implemented on x64-based Linux platform based on Pin. Preliminary experimental results show that our method can efficiently mitigate conventional ROP attacks.
ISSN:2160-052X
DOI:10.1109/ASAP.2018.8445132