Indirect Branch Target Address Verification for Defense against Return-Oriented Programming Attacks


KIPS Transactions on Computer and Communication Systems, Vol. 2, No. 5, pp. 217-222, May. 2013
10.3745/KTCCS.2013.2.5.217,   PDF Download:

Abstract

Return-Oriented Programming (ROP) is an advanced code-reuse attack like a return-to-libc attack. ROP attacks combine gadgets in program code area and make functions like a Turing-complete language. Some of previous defense methods against ROP attacks show high performance overhead because of dynamic execution flow analysis and can defend against only certain types of ROP attacks. In this paper, we propose Indirect Branch Target Address Verification (IBTAV). IBTAV detects ROP attacks by checking if target addresses of indirect branches are valid. IBTAV can defends against almost all ROP attacks because it verifies a target address of every indirect branch instruction. Since IBTAV does not require dynamic execution flow analysis, the performance overhead of IBTAV is relatively low. Our evaluation of IBTAV on SPEC CPU 2006 shows less than 15% performance overhead.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
S. Park and S. Kim, "Indirect Branch Target Address Verification for Defense against Return-Oriented Programming Attacks," KIPS Transactions on Computer and Communication Systems, vol. 2, no. 5, pp. 217-222, 2013. DOI: 10.3745/KTCCS.2013.2.5.217.

[ACM Style]
Soohyun Park and Sunil Kim. 2013. Indirect Branch Target Address Verification for Defense against Return-Oriented Programming Attacks. KIPS Transactions on Computer and Communication Systems, 2, 5, (2013), 217-222. DOI: 10.3745/KTCCS.2013.2.5.217.