Paper Info
Title
Defending Against ROP Attacks with Nearly Zero Overhead
Abstract
Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive target applications to perform arbitrary unintended operations by constructing a gadget chain reusing existing small code sequences (gadgets) collected across the entire code space. In this paper, we propose to address ROP attacks from a different angle-shrinking available code space at runtime. We present ROPStarvation, a generic and transparent ROP countermeasure that defend against all types of ROP attacks with almost zero run-time overhead. ROPStarvation does not aim to completely stop ROP attacks, instead it attempts to significantly increase the bar by decreasing the possibility of launching a successful ROP exploit in reality. Moreover, shrinking available code space at runtime is lightweight that makes ROPStarvation practical for being deployed with high performance requirement. Results show that ROPStarvation successfully reduces the code space of target applications by 85%. With the reduced code segments, ROPStarvation decreases the probability of building a valid ROP gadget chain by 100% and 83% respectively, with the assumptions that whether the adversary knows the vulnerable applications are protected by ROPStarvation. Evaluations on the SPEC CPU2006 benchmark show that ROPStarvation introduces nearly zero (0.2% on average) run-time performance overhead.
Year
DOI
Venue
2019
10.1109/GLOBECOM38437.2019.9013944
IEEE Global Communications Conference
DocType
ISSN
Citations 
Conference
2334-0983
0
PageRank 
References 
Authors
0.34
0
4
Name
Order
Citations
PageRank
Peng Qin100.34
Cheng Tan2349.73
Lei Zhao3137.68
Yueqiang Cheng465.51