Return-Oriented Programming: the Good, the Bad and the Ugly
| Member | Category |
|---|---|
| Camil Demetrescu | Supervising tutor |
Return-oriented programming (ROP) is a well-known technique from the software security domain that underlies a myriad of vulnerability exploitation attacks carried out in the wild. By chaining together short legitimate fragments of a program through "return" instructions, an attacker can encode and execute an arbitrary sequence of malicious actions without having to load any external code into the system.
The popularity of ROP mainly stems from its ability to bypass the defenses that modern operating systems employ against code injection and remote code execution attacks. Over the years, prominent ROP attacks have targeted popular software such as Adobe Flash, Adobe Reader, Internet Explorer, and Microsoft Office. ROP has also been used to bypass code signing mechanisms in Apple iOS, to drop dangerous ransomware on hardened systems, and to induce misbehavior in election voting machines.
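The mechanism described above, chaining legitimate code fragments through return instructions, is also what most ROP defenses key on: a legitimate return lands on the instruction right after a call, whereas a chained fragment is entered at an address that nothing ever called. The following is an added example, not part of this project or of the page; it implements the "call-preceded" return-address check used by several ROP mitigations over a small constructed x86-64 code image and two constructed stack snapshots. The load address, byte sequences and stack contents are all made up for the illustration.

```python
"""Defender-side heuristic: are the return addresses on a stack call-preceded?

Constructed example (not the project's code).  A tiny x86-64 code image and two
stack snapshots are built inline so the check runs offline.
"""
from __future__ import annotations

CODE_BASE = 0x401000  # hypothetical load address of the constructed code image

# Constructed code image, offsets relative to CODE_BASE:
#   0x00: 48 89 c7          mov rdi, rax
#   0x03: e8 10 00 00 00    call rel32      -> legitimate return address 0x08
#   0x08: 48 31 c0          xor rax, rax
#   0x0b: c3                ret
#   0x0c: 5f                pop rdi         <- "pop rdi; ret" fragment (gadget)
#   0x0d: c3                ret
#   0x0e: ff d0             call rax        -> legitimate return address 0x10
#   0x10: c3                ret
CODE = bytes.fromhex("4889c7" "e810000000" "4831c0" "c3" "5f" "c3" "ffd0" "c3")


def call_preceded(code: bytes, base: int, ret_addr: int) -> bool:
    """True if the bytes immediately before ret_addr decode as a CALL.

    Two common encodings are recognised: E8 rel32 (5 bytes) and FF /2 with a
    register operand (2 bytes: opcode FF, ModRM mod == 11, reg == 010).  A
    production decoder would also handle REX prefixes, SIB bytes and
    displacements; these two suffice for the constructed image.
    """
    off = ret_addr - base
    if off >= 5 and code[off - 5] == 0xE8:          # call rel32
        return True
    if off >= 2 and code[off - 2] == 0xFF:          # call r64
        modrm = code[off - 1]
        if (modrm >> 6) == 0b11 and ((modrm >> 3) & 0b111) == 0b010:
            return True
    return False


def audit_stack(code: bytes, base: int, stack: list[int]) -> dict:
    """Classify every stack word that points into the code image.

    Returns how many code pointers were seen, which of them are not
    call-preceded, and a coarse verdict: half or more non-call-preceded
    code pointers is treated as ROP-like.  Known limitation of this
    heuristic: chains built only from call-preceded fragments pass it, so
    real mitigations combine it with further checks.
    """
    in_code = [w for w in stack if base <= w < base + len(code)]
    suspicious = [w for w in in_code if not call_preceded(code, base, w)]
    return {
        "code_pointers": len(in_code),
        "suspicious": suspicious,
        "rop_like": bool(in_code) and len(suspicious) / len(in_code) >= 0.5,
    }


# Constructed stack snapshots (a real tool would read them from a core dump or
# a suspended thread).  Non-code words such as saved registers are left in.
BENIGN_STACK = [0xDEADBEEF, CODE_BASE + 0x08, 0x0, CODE_BASE + 0x10]
ROP_STACK = [CODE_BASE + 0x0C, 0x41414141, CODE_BASE + 0x0B, CODE_BASE + 0x08]


if __name__ == "__main__":
    for name, snapshot in (("benign", BENIGN_STACK), ("chained", ROP_STACK)):
        verdict = audit_stack(CODE, CODE_BASE, snapshot)
        print(name, verdict["rop_like"], [hex(a) for a in verdict["suspicious"]])
```

On the benign snapshot both code pointers sit right after a `call`, so nothing is flagged; on the chained snapshot the entries into `pop rdi; ret` and into the bare `ret` have no preceding call and the stack is reported as ROP-like. Only the page's own description of the mechanism is assumed; the threshold of one half and the two recognised CALL encodings are choices made for this example.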
This project aims at three contributions. Firstly, we plan to devise a ROP-based obfuscation tool for protecting portions of a program against reversing and cracking, thus putting ROP technology to a benign use. Secondly, we believe the community would benefit from a systematization of knowledge on the ROP domain that provides a longitudinal view of ROP attacks and defenses, offers useful perspectives on open problems, and points out possibly missed opportunities. Finally, we intend to shed light on aspects of ROP practice that remain largely inaccessible to the research community because of the intricacies and the large amount of engineering work typically involved in creating and deploying a ROP exploit.
The project will be carried out as part of a joint effort with Royal Holloway University of London.