Visible to the public Clean the Scratch Registers: A Way to Mitigate Return-Oriented Programming Attacks

Submitted by aekwall on Mon, 10/14/2019 - 10:20am
TitleClean the Scratch Registers: A Way to Mitigate Return-Oriented Programming Attacks
Publication TypeConference Paper
Year of Publication2018
AuthorsRong, Z., Xie, P., Wang, J., Xu, S., Wang, Y.
Conference Name2018 IEEE 29th International Conference on Application-specific Systems, Architectures and Processors (ASAP)
ISBN Number978-1-5386-7479-6
Keywordsbinary instrumentation, calling convention, code reuse attack, composability, Human Behavior, Instruction sets, Kernel, Linux, Malware, object-oriented programming, parameter registers, Programming, pubcrawl, Registers, Resiliency, return instructions, return oriented programming, Return-oriented Programming attacks, ROP attack, rop attacks, ROP malicious code, Scalability, scratch register, scratch registers, security, security of data, Task Analysis, W ⊕ X security model, x64-based Linux platform
Abstract

With the implementation of W X security model on computer system, Return-Oriented Programming(ROP) has become the primary exploitation technique for adversaries. Although many solutions that defend against ROP exploits have been proposed, they still suffer from various shortcomings. In this paper, we propose a new way to mitigate ROP attacks that are based on return instructions. We clean the scratch registers which are also the parameter registers based on the features of ROP malicious code and calling convention. A prototype is implemented on x64-based Linux platform based on Pin. Preliminary experimental results show that our method can efficiently mitigate conventional ROP attacks.
URLhttps://ieeexplore.ieee.org/document/8445132
DOI10.1109/ASAP.2018.8445132
Citation Keyrong_clean_2018
Groups: