Immunizing binary executables against return-oriented programming

buir.advisorSelçuk, Ali Aydın
dc.contributor.authorOnarlıoğlu, Kaan
dc.date.accessioned2016-01-08T18:18:44Z
dc.date.available2016-01-08T18:18:44Z
dc.date.issued2010
dc.descriptionAnkara : The Department of Computer Engineering and the Institute of Engineering and Science of Bilkent University, 2010.en_US
dc.descriptionThesis (Master's) -- Bilkent University, 2010.en_US
dc.descriptionIncludes bibliographical references leaves 49-53.en_US
dc.description.abstractDespite the numerous prevention and protection mechanisms that have been introduced into modern operating systems, the exploitation of memory corruption vulnerabilities still represents a serious threat to the security of software systems and networks. A recent exploitation technique, called Return-Oriented Programming (ROP), has lately attracted a considerable attention from academia. ROP attacks utilize short code sequences each ending with a free-branch instruction, i.e. an instruction that allows the attacker to control the execution flow. Identifying such sequences, or gadgets, available in binary executables and chaining them together, it is possible to perform arbitrary computations. Past research on the topic has mostly focused on refining the original attack technique, or on proposing partial solutions that target only particular variants of the attack. In this work, we present a compiler-based approach that represents the first practical solution against any possible form of ROP. Our solution is able to protect the aligned free-branch instructions to prevent them from being misused by an attacker, and to eliminate all unaligned free-branch instructions inside a binary executable. We developed a prototype based on our approach for the x86 architecture, and evaluated it by compiling GNU libc and a number of real-world applications. The results of the experiments demonstrate that our solution is able to prevent any form of returnoriented programming attack.en_US
dc.description.provenanceMade available in DSpace on 2016-01-08T18:18:44Z (GMT). No. of bitstreams: 1 0006198.pdf: 359154 bytes, checksum: e39fa8964e497b22f740f08a3d5ad3ea (MD5)en
dc.description.statementofresponsibilityOnarlıoğlu, Kaanen_US
dc.format.extentx, 53 leavesen_US
dc.identifier.itemidB122596
dc.identifier.urihttp://hdl.handle.net/11693/15459
dc.language.isoEnglishen_US
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.subjectReturn-oriented programmingen_US
dc.subjectReturn-to-libcen_US
dc.subjectMemory corruption vulnerabilitiesen_US
dc.subject.lccQA76.9.A25 O53 2010en_US
dc.subject.lcshComputer security.en_US
dc.subject.lcshComputer networks--Security measures.en_US
dc.titleImmunizing binary executables against return-oriented programmingen_US
dc.typeThesisen_US
thesis.degree.disciplineComputer Engineering
thesis.degree.grantorBilkent University
thesis.degree.levelMaster's
thesis.degree.nameMS (Master of Science)

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
0006198.pdf
Size:
350.74 KB
Format:
Adobe Portable Document Format