[<prev] [next>] [day] [month] [year] [list]
Message-ID: <566E12FC855B4B4DA509E07083BF9C7E@die>
Date: Mon, 23 Aug 2010 07:29:42 +0200
From: "Piotr Bania" <bania.piotr@...il.com>
To: <dailydave@...ts.immunitysec.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: PAPER: Security Mitigations for Return-Oriented
Programming Attacks
ABSTRACT
With the discovery of new exploit techniques, new protection mechanisms are
needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR
(Address Space Layout Randomization) created a significantly more difficult
environment for vulnerability exploitation. Attackers, however, have
recently developed new exploitation methods which are capable of bypassing
the operating system's security protection mechanisms. In this paper we
present a short summary of novel and known mitigation techniques against
return-oriented programming (ROP) attacks. The techniques described in this
article are related mostly to x86-32 processors and Microsoft Windows
operating systems.
PAPER LINK:
http://kryptoslogic.com/download/ROP_Whitepaper.pdf
MIRROR LINK:
http://piotrbania.com/all/articles/pbania_rop_mitigations2010.pdf
best regards,
pb
--
--------------------------------------------------------------------
Piotr Bania - <bania.piotr@...il.com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Key ID: 0xBE43AC33
--------------------------------------------------------------------
- "The more I learn about men, the more I love dogs."
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists