Skip to Main Content
Frequently Asked Questions
Submit an ETD
Global Search Box
Need Help?
Keyword Search
Participating Institutions
Advanced Search
School Logo
Files
File List
9047.pdf (389.07 KB)
ETD Abstract Container
Abstract Header
Defeating ROP Through Dynamically Encrypted Return Addresses
Author Info
White, Matthew L
Permalink:
http://rave.ohiolink.edu/etdc/view?acc_num=ucin1393237185
Abstract Details
Year and Degree
2014, MS, University of Cincinnati, Engineering and Applied Science: Computer Science.
Abstract
Operating systems have been evolving to provide defenses, including Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), for some common attack vectors. However, as defenses increase, so does the cleverness of attackers. A more recent attack vector seeks to bypass the most common defense mechanisms by needing only to execute instructions that already exist in the program being run. This method, Return Oriented Programming (ROP), has allowed for new exploitation vectors on even the most up-to-date operating systems. A ROP attack is performed by an attacker who first gains control of a program and then executes a series of short instructions (gadgets) that already exist within the running application. This paper introduces a new method to mitigate ROP attacks that removes the control an attacker has in selecting and executing arbitrary portions of code. This is accomplished through the use of dynamic analysis and instrumentation to both identify when a program calls a function and to encrypt the return address that will be used.
Committee
John Franco, Ph.D. (Committee Chair)
Prabir Bhattacharya, Ph.D. (Committee Member)
Paul Talaga (Committee Member)
Pages
53 p.
Subject Headings
Computer Science
Keywords
ROP
;
Return Oriented Programming
;
Dynamic Instrumentation
Recommended Citations
Refworks
EndNote
RIS
Mendeley
Citations
White, M. L. (2014).
Defeating ROP Through Dynamically Encrypted Return Addresses
[Master's thesis, University of Cincinnati]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1393237185
APA Style (7th edition)
White, Matthew.
Defeating ROP Through Dynamically Encrypted Return Addresses.
2014. University of Cincinnati, Master's thesis.
OhioLINK Electronic Theses and Dissertations Center
, http://rave.ohiolink.edu/etdc/view?acc_num=ucin1393237185.
MLA Style (8th edition)
White, Matthew. "Defeating ROP Through Dynamically Encrypted Return Addresses." Master's thesis, University of Cincinnati, 2014. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1393237185
Chicago Manual of Style (17th edition)
Abstract Footer
Document number:
ucin1393237185
Download Count:
999
Copyright Info
© 2014, some rights reserved.
Defeating ROP Through Dynamically Encrypted Return Addresses by Matthew L White is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. Based on a work at etd.ohiolink.edu.
This open access ETD is published by University of Cincinnati and OhioLINK.