Clean the Scratch Registers: A Way to Mitigate Return-Oriented Programming Attacks
Title | Clean the Scratch Registers: A Way to Mitigate Return-Oriented Programming Attacks |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Rong, Z., Xie, P., Wang, J., Xu, S., Wang, Y. |
Conference Name | 2018 IEEE 29th International Conference on Application-specific Systems, Architectures and Processors (ASAP) |
ISBN Number | 978-1-5386-7479-6 |
Keywords | binary instrumentation, calling convention, code reuse attack, composability, Human Behavior, Instruction sets, Kernel, Linux, Malware, object-oriented programming, parameter registers, Programming, pubcrawl, Registers, Resiliency, return instructions, return oriented programming, Return-oriented Programming attacks, ROP attack, rop attacks, ROP malicious code, Scalability, scratch register, scratch registers, security, security of data, Task Analysis, W ⊕ X security model, x64-based Linux platform |
Abstract | With the implementation of W X security model on computer system, Return-Oriented Programming(ROP) has become the primary exploitation technique for adversaries. Although many solutions that defend against ROP exploits have been proposed, they still suffer from various shortcomings. In this paper, we propose a new way to mitigate ROP attacks that are based on return instructions. We clean the scratch registers which are also the parameter registers based on the features of ROP malicious code and calling convention. A prototype is implemented on x64-based Linux platform based on Pin. Preliminary experimental results show that our method can efficiently mitigate conventional ROP attacks. |
URL | https://ieeexplore.ieee.org/document/8445132 |
DOI | 10.1109/ASAP.2018.8445132 |
Citation Key | rong_clean_2018 |
- Resiliency
- x64-based Linux platform
- W ⊕ X security model
- Task Analysis
- security of data
- security
- scratch registers
- scratch register
- Scalability
- ROP malicious code
- rop attacks
- ROP attack
- Return-oriented Programming attacks
- return oriented programming
- return instructions
- binary instrumentation
- Registers
- pubcrawl
- programming
- parameter registers
- object-oriented programming
- malware
- Linux
- Kernel
- Instruction sets
- Human behavior
- composability
- code reuse attack
- calling convention