Proceedings of the Institute for System Programming of the RAS
Proceedings of the Institute for System Programming of the RAS, 2018, Volume 30, Issue 5, Pages 31–54
DOI: https://doi.org/10.15514/ISPRAS-2018-30(5)-2
(Mi tisp359)
 

This article is cited in 1 scientific paper (total in 1 paper)

Method for analysis of code-reuse attacks

A. V. Vishnyakov (a), A. R. Nurmukhametov (a), Sh. F. Kurmangaleev (a), S. S. Gaysaryan (a, b, c, d)

a Institute for System Programming of the Russian Academy of Sciences
b National Research University Higher School of Economics (HSE)
c Moscow Institute of Physics and Technology (State University)
d Lomonosov Moscow State University
Abstract: Providing security for computer programs is one of the paramount tasks today. Software failures can lead to serious consequences, and exploitation of vulnerabilities can inflict immense harm. Large corporations pay particular attention to the analysis of computer security incidents. Code-reuse attacks based on return-oriented programming gain popularity every year and can bypass even modern operating system protections. Unlike common shellcode, whose instructions are placed consecutively in memory, a ROP chain consists of several small instruction blocks (gadgets) and uses the stack to chain them together, which makes the analysis of ROP exploits more difficult. The main goal of this work is to simplify reverse engineering of ROP exploits. In this paper we propose a method for the analysis of code-reuse attacks that splits a chain into gadgets, restores the semantics of each gadget, and restores the prototypes and parameter values of the system calls and functions invoked during execution of the ROP chain. Gadget semantics are described by parametrized types. Each gadget type is defined by a postcondition (a boolean predicate) that must always hold after the gadget executes. The proposed method was implemented as a tool and tested on real ROP exploits found on the internet.
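The following is an added illustration of the idea in the abstract, not the authors' tool or code. It models gadgets in a tiny hand-made IR instead of decoding real x86-64 machine code (an assumption made to keep it self-contained; the register names are x86-64, nothing parses binaries), defines a handful of parametrized gadget types by postconditions, assigns a type to a gadget only if its postcondition holds on several random initial states (this example's reading of the method, not a claim about how the paper implements it), and then walks a constructed stack image to split it into gadgets and recover the system call and its argument registers. The gadget addresses, the writable scratch address and the chain itself are made up; 59 is the x86-64 Linux execve number.

```python
import random

MASK = (1 << 64) - 1
REGS = ["rax", "rbx", "rcx", "rdx", "rsi", "rdi"]
FRAME = 8                      # max stack words one gadget may consume (assumed bound)


class Memory:
    """Lazily populated 64-bit word memory. The first value seen at an address is
    kept in `initial`, so a postcondition can compare memory before and after a
    gadget ran. Untouched addresses read as fresh random words."""

    def __init__(self, rng):
        self.rng, self.initial, self.current = rng, {}, {}

    def read(self, addr):
        addr &= MASK
        if addr not in self.current:
            self.initial[addr] = self.current[addr] = self.rng.getrandbits(64)
        return self.current[addr]

    def initial_at(self, addr):
        self.read(addr)
        return self.initial[addr & MASK]

    def write(self, addr, value):
        self.read(addr)                       # record the pre-write value first
        self.current[addr & MASK] = value & MASK


def random_state(seed):
    """One random initial machine state: registers, stack pointer, memory."""
    rng = random.Random(seed)
    regs = {r: rng.getrandbits(64) for r in REGS}
    regs["rsp"] = 0x7FFF_0000_0000 + 8 * rng.randrange(64)
    regs["rip"] = 0
    return regs, Memory(rng)


def execute(gadget, regs, mem):
    """Run one gadget (a list of IR tuples) on the state in place; return the
    system calls it issued as (rax, rdi, rsi, rdx). IR forms: ('pop', r)
    ('mov', dst, src) ('add', dst, src) ('xchg', a, b) ('load', dst, base, off)
    ('store', base, off, src) ('syscall',) ('ret',)."""
    calls = []
    for ins in gadget:
        op, args = ins[0], ins[1:]
        if op == "pop":
            regs[args[0]] = mem.read(regs["rsp"]); regs["rsp"] += 8
        elif op == "mov":
            regs[args[0]] = regs[args[1]]
        elif op == "add":
            regs[args[0]] = (regs[args[0]] + regs[args[1]]) & MASK
        elif op == "xchg":
            regs[args[0]], regs[args[1]] = regs[args[1]], regs[args[0]]
        elif op == "load":
            regs[args[0]] = mem.read(regs[args[1]] + args[2])
        elif op == "store":
            mem.write(regs[args[0]] + args[1], regs[args[2]])
        elif op == "syscall":
            calls.append((regs["rax"], regs["rdi"], regs["rsi"], regs["rdx"]))
            regs["rax"] = 0                   # kernel result not modelled; assume success
        elif op == "ret":
            regs["rip"] = mem.read(regs["rsp"]); regs["rsp"] += 8
            break
        else:
            raise ValueError(f"unknown IR op {op!r}")
    return calls


def _offs():
    return range(0, 8 * FRAME, 8)

# Parametrized gadget types: (name, parameter candidates, postcondition).
# A postcondition receives (params, initial regs, final regs, memory, syscalls).
TYPES = [
    ("Return",    lambda: [(k,) for k in _offs()],
     lambda p, i, f, m, c: f["rip"] == m.initial_at(i["rsp"] + p[0]) and f["rsp"] == i["rsp"] + p[0] + 8),
    ("LoadConst", lambda: [(r, k) for r in REGS for k in _offs()],
     lambda p, i, f, m, c: f[p[0]] == m.initial_at(i["rsp"] + p[1])),
    ("MoveReg",   lambda: [(d, s) for d in REGS for s in REGS if d != s],
     lambda p, i, f, m, c: f[p[0]] == i[p[1]]),
    ("Add",       lambda: [(d, a, b) for d in REGS for a in REGS for b in REGS if a <= b],
     lambda p, i, f, m, c: f[p[0]] == (i[p[1]] + i[p[2]]) & MASK),
    ("LoadMem",   lambda: [(d, b, k) for d in REGS for b in REGS for k in (0, 8, 16)],
     lambda p, i, f, m, c: f[p[0]] == m.initial_at(i[p[1]] + p[2])),
    ("StoreMem",  lambda: [(b, k, s) for b in REGS for k in (0, 8, 16) for s in REGS],
     lambda p, i, f, m, c: m.read(i[p[0]] + p[1]) == i[p[2]]),
    ("Syscall",   lambda: [()], lambda p, i, f, m, c: len(c) == 1),
]


def classify(gadget, trials=4):
    """Assign every parametrized type whose postcondition survives `trials`
    random initial states; a spurious match needs a 64-bit coincidence."""
    found = set()
    for name, candidates, holds in TYPES:
        for params in candidates():
            for seed in range(trials):
                init, mem = random_state(seed)
                final = dict(init)
                if not holds(params, init, final, mem, execute(gadget, final, mem)):
                    break
            else:
                found.add((name,) + tuple(params))
    return found


def walk_chain(gadgets, chain, seed=1):
    """Split a stack image into gadgets by running it. `chain` holds the words
    the exploit placed at the overwritten return address; `gadgets` maps
    address -> IR. Returns gadgets in execution order with their recovered
    types, and every system call with its argument registers."""
    regs, mem = random_state(seed)
    base = regs["rsp"]
    for k, word in enumerate(chain):
        mem.write(base + 8 * k, word)
    regs["rip"], regs["rsp"] = chain[0], base + 8   # as if 'ret' just consumed chain[0]
    steps, calls = [], []
    while regs["rip"] in gadgets:
        gadget = gadgets[regs["rip"]]
        steps.append((regs["rip"], sorted(classify(gadget))))
        calls += execute(gadget, regs, mem)
    return steps, calls


# Constructed gadget table and stack image for an execve("/bin/sh", 0, 0) chain;
# addresses are invented and come from no real binary.
GADGETS = {
    0x401000: [("pop", "rdi"), ("ret",)],
    0x401010: [("pop", "rsi"), ("pop", "rdx"), ("ret",)],
    0x401020: [("pop", "rcx"), ("ret",)],
    0x401030: [("mov", "rax", "rcx"), ("ret",)],
    0x401040: [("store", "rdi", 0, "rsi"), ("ret",)],    # mov [rdi], rsi
    0x401050: [("syscall",), ("ret",)],
}
SCRATCH = 0x404000                                     # assumed writable page
CHAIN = [0x401000, SCRATCH,                            # rdi = scratch
         0x401010, int.from_bytes(b"/bin/sh\0", "little"), 0,
         0x401040,                                     # "/bin/sh" -> [rdi]
         0x401010, 0, 0,                               # argv = envp = 0
         0x401020, 59, 0x401030,                       # rax = __NR_execve via rcx
         0x401050, 0]                                  # syscall; 0 ends the chain

if __name__ == "__main__":
    steps, calls = walk_chain(GADGETS, CHAIN)
    for addr, types in steps:
        print(hex(addr), types)
    for nr, rdi, rsi, rdx in calls:
        print(f"syscall {nr}: rdi={rdi:#x} rsi={rsi:#x} rdx={rdx:#x}")
```

The `Return(k)` type is what lets the walker split the stack image: its parameter is the number of stack bytes the gadget consumed before returning, so the next gadget address is always found at a known offset. A real analyzer would replace the IR with a decoder and emulator for the target ISA and would have to cope with gadgets whose postconditions hold only conditionally (memory aliasing, flags), which this toy ignores.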
Keywords: computer security, binary analysis, vulnerability, return-oriented programming, ROP, gadgets classification, code-reuse attack, computer security incident.
Funding: Russian Foundation for Basic Research, grant 17-01-00600
Document Type: Article
Language: Russian
Citation: A. V. Vishnyakov, A. R. Nurmukhametov, Sh. F. Kurmangaleev, S. S. Gaysaryan, “Method for analysis of code-reuse attacks”, Proceedings of ISP RAS, 30:5 (2018), 31–54
Citation in format AMSBIB
\Bibitem{VisNurKur18}
\by A.~V.~Vishnyakov, A.~R.~Nurmukhametov, Sh.~F.~Kurmangaleev, S.~S.~Gaysaryan
\paper Method for analysis of code-reuse attacks
\jour Proceedings of ISP RAS
\yr 2018
\vol 30
\issue 5
\pages 31--54
\mathnet{http://mi.mathnet.ru/tisp359}
\crossref{https://doi.org/10.15514/ISPRAS-2018-30(5)-2}
\elib{https://elibrary.ru/item.asp?id=36591025}
Linking options:
  • https://www.mathnet.ru/eng/tisp359
  • https://www.mathnet.ru/eng/tisp/v30/i5/p31