Entry Roemer:2012:ROP from tissec.bib
Last update: Sun Oct 15 02:58:48 MDT 2017
Top |
Symbols |
Numbers |
Math |
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z
BibTeX entry
@Article{Roemer:2012:ROP,
author = "Ryan Roemer and Erik Buchanan and Hovav Shacham and
Stefan Savage",
title = "Return-Oriented Programming: Systems, Languages, and
Applications",
journal = j-TISSEC,
volume = "15",
number = "1",
pages = "2:1--2:??",
month = mar,
year = "2012",
CODEN = "ATISBQ",
DOI = "https://doi.org/10.1145/2133375.2133377",
ISSN = "1094-9224 (print), 1557-7406 (electronic)",
ISSN-L = "1094-9224",
bibdate = "Sat Mar 24 09:45:43 MDT 2012",
bibsource = "http://portal.acm.org/;
http://www.math.utah.edu/pub/tex/bib/tissec.bib",
abstract = "We introduce return-oriented programming, a technique
by which an attacker can induce arbitrary behavior in a
program whose control flow he has diverted, without
injecting any code. A return-oriented program chains
together short instruction sequences already present in
a program's address space, each of which ends in a
``return'' instruction. Return-oriented programming
defeats the $W \oplus X$ protections recently deployed
by Microsoft, Intel, and AMD; in this context, it can
be seen as a generalization of traditional
return-into-libc attacks. But the threat is more
general. Return-oriented programming is readily
exploitable on multiple architectures and systems. It
also bypasses an entire category of security
measures---those that seek to prevent malicious
computation by preventing the execution of malicious
code. To demonstrate the wide applicability of
return-oriented programming, we construct a
Turing-complete set of building blocks called gadgets
using the standard C libraries of two very different
architectures: Linux/x86 and Solaris/SPARC. To
demonstrate the power of return-oriented programming,
we present a high-level, general-purpose language for
describing return-oriented exploits and a compiler that
translates it to gadgets.",
acknowledgement = ack-nhfb,
articleno = "2",
fjournal = "ACM Transactions on Information and System Security",
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J789",
}
Related entries
- address,
2(1)65,
2(4)390,
10(2)8,
10(3)12,
11(1)4,
11(2)3,
11(3)12,
12(2)11,
13(3)22,
13(3)26,
13(4)31,
13(4)38,
13(4)40,
14(1)3,
15(2)6,
15(2)8,
16(3)11,
16(4)14,
17(1)1,
17(1)2,
17(1)4,
17(2)8,
17(3)11
- already,
10(1)2,
13(3)27,
14(4)32,
17(4)16
- any,
1(1)66,
1(1)93,
2(4)390,
9(4)461,
10(3)10,
10(3)12,
10(4)1,
10(4)4,
11(2)4,
11(2)6,
11(3)13,
11(3)16,
11(4)20,
12(1)3,
12(1)5,
12(1)6,
12(2)8,
12(2)9,
12(2)10,
12(3)14,
12(3)18,
12(3)19,
12(4)20,
13(1)10,
13(3)28,
13(4)33,
13(4)39,
14(1)6,
14(1)8,
14(1)9,
14(4)32,
15(2)9,
15(2)10,
15(4)17,
16(2)6,
16(2)7,
16(3)12,
16(4)13,
16(4)15,
17(2)8,
17(3)9,
17(3)11,
18(1)1
- application,
1(1)66,
2(2)159,
2(2)177,
2(4)354,
4(2)103,
7(1)1,
7(1)97,
8(3)287,
9(1)1,
9(1)94,
10(1)2,
10(2)6,
10(4)3,
11(1)2,
11(1)3,
11(3)14,
11(3)16,
11(4)22,
12(1)2,
12(1)3,
12(2)11,
12(3)14,
12(4)21,
13(1)4,
13(1)10,
13(2)17,
13(3)22,
13(3)26,
13(4)38,
13(4)39,
14(1)2,
14(1)3,
14(1)6,
14(1)8,
14(1)9,
14(2)19,
14(3)27,
15(1)4,
16(1)1,
16(1)2,
16(2)6,
16(3)9,
16(4)13,
16(4)17,
17(2)5,
17(4)13,
18(3)10,
18(4)12
- arbitrary,
10(4)1,
10(4)2,
11(3)12,
13(4)38,
14(1)6,
14(1)13,
17(3)10
- architecture,
2(2)177,
2(3)269,
4(3)289,
8(2)187,
10(4)6,
11(1)2,
11(1)3,
13(4)37,
14(1)3,
15(3)13,
16(1)1,
16(2)5,
16(3)11,
17(2)8,
18(2)8
- attacker,
2(2)159,
8(1)78,
10(1)4,
10(4)3,
10(4)6,
11(3)12,
11(3)15,
12(1)4,
12(2)12,
12(3)17,
12(4)22,
13(4)37,
14(1)7,
14(1)13,
14(4)31,
15(4)16,
17(2)8,
17(3)11,
17(4)13,
17(4)16,
18(1)1,
18(2)7,
18(4)13
- behavior,
2(3)295,
2(4)354,
10(4)6,
11(4)19,
12(1)5,
12(3)14,
12(3)19,
14(1)10,
14(4)32,
15(2)10,
15(3)14,
16(3)12,
17(2)8,
18(2)5,
18(2)7,
18(3)9
- block,
10(1)4,
13(4)33,
13(4)39,
14(1)5,
14(1)12,
15(2)6,
16(1)2,
17(4)15
- building,
10(1)4,
12(3)19
- bypass,
11(4)22
- C,
16(3)9
- called,
1(1)3,
1(1)66,
2(1)105,
2(2)177,
2(3)269,
10(1)4,
11(1)3,
11(3)14,
12(3)15,
13(1)10,
13(3)26,
13(3)27,
14(1)13,
14(4)28,
15(2)9,
15(4)18,
16(2)6,
17(1)2,
17(3)10,
17(4)16,
18(1)3
- category,
16(4)14
- chain,
2(2)159,
10(4)3,
12(3)15,
14(1)5,
15(4)17,
18(2)7
- code,
5(3)238,
6(2)258,
11(4)23,
12(2)10,
12(2)11,
12(3)14,
12(3)19,
13(1)10,
13(2)17,
13(3)21,
15(1)3,
15(2)10,
16(1)1,
16(2)6,
16(2)7,
16(3)9,
18(4)12
- compiler,
13(3)21,
17(4)13
- computation,
1(1)26,
2(3)332,
9(4)461,
11(2)6,
12(1)6,
13(3)22,
13(4)29,
14(1)5,
14(4)29,
14(4)31,
15(2)9,
16(3)11,
17(3)11
- construct,
9(2)181,
12(1)3,
12(3)19,
13(4)36,
17(1)2,
17(2)7
- context,
7(3)392,
10(1)2,
10(2)8,
10(3)12,
10(4)2,
11(3)13,
11(3)16,
12(3)18,
12(4)20,
14(1)2,
14(1)4,
15(2)8,
15(4)16,
17(2)7,
17(3)12,
18(3)10
- defeat,
14(1)13,
14(3)27
- demonstrate,
2(3)295,
10(1)4,
10(4)1,
10(4)4,
10(4)6,
11(1)3,
11(3)16,
11(4)22,
12(1)4,
12(3)19,
13(1)10,
13(4)30,
13(4)31,
13(4)38,
14(3)27,
15(1)4,
15(2)7,
15(3)12,
15(3)13,
15(4)16,
16(3)9,
16(3)10,
17(2)8,
17(3)10,
17(3)12,
17(4)16,
18(2)8,
18(4)12,
18(4)14
- deployed,
10(3)11,
11(3)14,
13(3)26,
14(3)23,
15(2)6,
15(3)13,
15(4)16,
17(3)9,
18(1)1
- describing,
1(1)66
- different,
1(1)26,
1(1)93,
2(1)105,
2(2)138,
2(3)269,
10(1)2,
10(1)4,
10(4)4,
12(1)3,
12(3)14,
13(1)10,
13(3)27,
13(3)28,
14(1)4,
14(4)28,
15(2)7,
15(2)10,
16(1)3,
16(2)7,
16(3)9,
16(4)15,
17(2)7,
17(4)14,
18(1)1,
18(3)11
- each,
2(1)65,
2(2)138,
2(4)390,
9(4)421,
9(4)461,
10(1)4,
10(2)8,
10(3)10,
10(3)12,
11(3)14,
11(4)18,
11(4)23,
12(1)6,
12(2)8,
12(2)10,
12(3)18,
12(4)20,
13(1)10,
13(4)29,
13(4)34,
14(3)25,
14(3)26,
14(3)27,
14(4)32,
15(2)6,
16(4)14,
16(4)17,
17(2)8,
17(3)10,
17(3)12,
17(4)13,
18(1)4
- end,
9(4)461,
10(2)8,
14(2)19,
15(4)17,
17(3)10,
18(1)1,
18(2)7
- entire,
2(1)105,
14(3)25
- execution,
1(1)26,
10(4)3,
12(2)10,
12(2)11,
12(3)14,
14(1)6,
14(2)15,
14(4)32,
15(2)10,
15(3)13,
16(1)3,
16(2)6,
16(2)7,
18(1)2,
18(1)4
- exploit,
2(4)416,
12(1)1,
12(2)11,
12(4)22,
13(3)28,
16(4)13,
17(1)1,
17(3)11
- flow,
1(1)26,
1(1)93,
10(2)7,
12(1)5,
12(2)11,
13(3)26,
14(3)24,
16(1)1,
16(2)6,
18(2)8
- general,
1(1)66,
2(1)65,
2(1)105,
2(2)159,
2(3)230,
2(3)269,
9(2)181,
9(4)391,
10(1)2,
10(4)1,
11(1)3,
12(1)2,
12(1)5,
12(3)18,
12(4)20,
13(3)28,
15(3)13,
16(1)2,
16(1)4,
16(2)7,
17(1)3,
17(1)4,
18(1)3,
18(3)10,
18(4)12
- general-purpose,
11(4)18,
16(3)10
- generalization,
12(1)5,
15(4)15
- has,
1(1)93,
2(1)105,
2(2)138,
2(3)230,
2(3)269,
2(3)332,
9(4)391,
10(1)3,
10(1)4,
10(3)10,
11(1)2,
11(2)2,
11(3)14,
11(4)17,
11(4)19,
11(4)22,
11(4)23,
12(1)2,
12(2)9,
12(2)10,
12(3)15,
12(4)22,
13(3)20,
13(3)25,
13(3)26,
13(3)27,
13(3)28,
13(4)36,
14(1)3,
14(1)12,
14(1)14,
14(3)26,
14(4)28,
15(2)6,
15(2)10,
15(3)12,
16(2)8,
16(4)14,
17(1)2,
17(1)3,
17(3)9,
17(3)11,
17(4)14,
17(4)15,
17(4)16,
18(2)7,
18(3)11,
18(4)14
- high-level,
9(2)181,
13(3)24,
15(2)8
- induce,
16(2)6
- instruction,
8(1)3,
16(2)7
- introduce,
1(1)66,
1(1)93,
2(3)230,
2(4)390,
9(2)162,
10(1)2,
10(1)3,
10(4)2,
11(2)5,
11(3)12,
11(4)17,
12(1)1,
12(1)3,
12(1)5,
12(2)13,
12(3)14,
12(3)15,
12(4)20,
13(3)24,
13(3)27,
13(4)32,
14(1)3,
14(1)12,
16(2)7,
16(3)9,
16(3)12,
16(4)17,
17(2)7,
17(3)9
- language,
2(1)65,
9(4)391,
9(4)421,
10(1)3,
10(2)8,
11(1)2,
11(1)4,
11(4)21,
12(1)1,
12(2)12,
13(3)20,
13(3)24,
13(3)26,
13(3)28,
14(1)9,
15(2)8,
16(1)3,
16(3)9,
16(4)17,
17(1)2,
17(1)3
- level, high-,
9(2)181,
13(3)24,
15(2)8
- library,
2(4)354,
10(2)8,
12(2)10,
14(4)31,
16(2)5,
16(3)9,
18(1)4
- malicious,
2(2)177,
2(3)295,
10(3)11,
10(4)6,
11(2)2,
11(3)13,
11(3)14,
11(3)15,
11(4)22,
11(4)23,
12(2)12,
12(3)14,
14(1)13,
15(4)17,
16(2)6,
16(3)12,
16(4)13,
16(4)14,
17(3)10,
17(3)12,
17(4)13,
18(2)5
- measure,
2(3)269,
2(3)295,
9(2)162,
10(4)5,
11(4)17,
12(3)17,
12(4)22,
13(3)22,
13(4)36,
16(2)6,
17(1)1,
18(1)1,
18(2)5
- Microsoft,
13(1)10,
16(2)7,
17(4)14
- more,
2(1)3,
2(1)65,
2(3)332,
9(2)181,
9(4)391,
9(4)421,
9(4)461,
10(1)4,
10(3)9,
10(4)1,
10(4)4,
10(4)6,
11(2)3,
11(2)4,
11(2)6,
11(3)14,
11(4)21,
12(1)1,
12(2)8,
12(2)10,
12(2)12,
12(2)13,
12(3)18,
13(1)10,
13(3)20,
13(3)21,
13(3)22,
13(3)28,
13(4)32,
13(4)34,
13(4)39,
14(3)27,
14(4)31,
15(1)5,
15(2)8,
15(2)9,
15(3)11,
15(3)12,
15(4)16,
16(1)2,
16(2)8,
16(3)10,
16(3)11,
16(4)17,
17(1)2,
17(1)3,
17(3)9,
17(4)14,
17(4)16,
18(1)1,
18(3)11,
18(4)13
- multiple,
2(2)138,
2(2)177,
2(4)390,
11(1)4,
11(4)18,
11(4)22,
11(4)23,
12(1)3,
13(4)32,
13(4)36,
14(1)4,
14(1)6,
14(3)25,
14(4)31,
15(3)13,
15(4)16,
15(4)17,
18(4)13
- power,
1(1)93,
9(2)162,
10(4)1,
12(2)10,
14(1)7,
14(1)8,
14(1)13,
18(2)5,
18(2)7
- present,
1(1)26,
2(1)3,
2(1)65,
2(2)177,
2(3)230,
2(3)269,
2(3)295,
2(4)354,
7(2)319,
9(2)181,
9(4)461,
10(1)2,
10(2)7,
10(3)10,
10(3)11,
10(3)12,
10(4)2,
10(4)3,
11(1)2,
11(1)4,
11(2)2,
11(2)5,
11(3)14,
11(4)22,
12(1)2,
12(1)4,
12(2)10,
12(2)11,
12(3)14,
12(3)15,
12(3)16,
12(3)17,
12(4)22,
13(1)10,
13(3)20,
13(3)22,
13(3)25,
13(3)28,
13(4)29,
13(4)41,
14(1)4,
14(1)5,
14(1)6,
15(2)6,
15(2)8,
15(2)10,
15(3)12,
15(3)13,
15(4)16,
15(4)18,
16(2)6,
16(2)7,
16(4)13,
16(4)14,
17(1)4,
17(2)6,
17(2)7,
17(2)8,
17(3)9,
17(3)12,
17(4)14,
17(4)15,
17(4)16,
18(1)3,
18(1)4,
18(2)7,
18(3)9,
18(3)10,
18(3)11,
18(4)12,
18(4)14
- prevent,
2(4)354,
13(1)10,
13(4)37,
14(1)11,
14(3)27,
15(2)10,
16(1)1,
16(1)3
- preventing,
12(2)12,
15(3)13
- program,
2(1)65,
2(3)332,
11(3)14,
12(1)1,
12(2)10,
12(2)11,
12(3)16,
12(3)19,
13(3)21,
14(3)24,
15(2)10,
16(2)7,
17(1)2,
17(3)11,
18(1)4
- programming,
6(4)501,
10(2)7,
12(1)6,
15(2)8,
17(1)2
- protection,
1(1)3,
1(1)26,
1(1)66,
1(1)93,
2(1)3,
2(1)34,
2(1)105,
2(2)138,
2(2)177,
2(3)230,
2(3)295,
2(4)354,
2(4)390,
10(1)3,
10(3)9,
11(4)20,
12(2)9,
12(2)11,
13(3)22,
14(3)24,
15(2)8,
16(2)6
- purpose, general-,
11(4)18
- readily,
16(3)11
- recently,
2(4)416,
9(2)181,
13(3)26,
13(3)28,
13(4)37,
14(3)27,
15(2)7,
16(3)10,
16(4)14,
16(4)17,
17(4)14,
17(4)16,
18(1)1
- return,
11(2)5,
12(3)16,
13(3)28
- seek,
14(1)2
- seen,
14(3)26,
18(4)14
- sequence,
2(3)295,
10(2)8,
13(3)20,
13(4)35,
14(4)32,
15(2)10,
16(2)8
- set,
2(1)34,
2(2)138,
2(4)390,
8(1)3,
9(4)421,
10(2)5,
10(3)12,
10(4)2,
10(4)3,
10(4)5,
11(2)1,
11(2)3,
11(3)13,
11(4)18,
11(4)21,
12(2)11,
12(3)18,
12(3)19,
12(4)20,
12(4)21,
13(1)9,
13(1)10,
13(3)27,
13(4)40,
14(1)12,
14(3)25,
14(4)31,
15(2)7,
15(2)10,
15(3)13,
15(4)15,
16(1)4,
17(1)2,
17(2)8,
17(3)11,
17(4)13,
17(4)14,
18(1)4,
18(3)10,
18(3)11
- Shacham, Hovav,
7(4)553
- short,
18(1)2
- space,
2(3)295,
6(1)43,
6(3)327,
10(4)5,
12(2)8,
12(3)18,
12(3)19,
14(1)14,
18(4)13
- standard,
2(3)230,
2(4)416,
4(3)224,
7(2)319,
10(2)8,
10(3)11,
10(3)12,
11(1)4,
11(2)4,
12(1)1,
12(3)18,
13(3)28,
13(4)35,
13(4)37,
13(4)41,
16(1)2,
16(1)3,
16(3)10,
16(4)15,
17(3)11,
17(4)16,
18(4)14
- technique,
1(1)3,
2(2)138,
2(3)230,
2(3)295,
2(4)416,
7(2)274,
9(4)391,
9(4)461,
10(2)6,
10(3)9,
10(4)6,
11(2)2,
11(3)12,
11(3)16,
11(4)17,
11(4)18,
11(4)22,
12(1)4,
12(2)11,
12(2)13,
12(3)16,
12(3)18,
13(3)22,
13(3)25,
13(3)28,
13(4)32,
13(4)33,
13(4)35,
13(4)36,
13(4)39,
14(1)3,
14(1)5,
14(1)6,
14(1)13,
14(3)24,
14(4)32,
15(1)5,
15(2)7,
15(2)8,
15(3)12,
15(4)17,
15(4)18,
16(1)2,
16(2)6,
16(2)7,
16(3)11,
16(4)13,
16(4)14,
17(3)9,
17(3)12,
17(4)16,
18(1)2,
18(2)6,
18(3)11
- threat,
7(4)489,
10(3)11,
11(2)2,
11(2)3,
12(2)12,
14(1)7,
14(3)24,
15(2)7,
16(2)6,
16(2)8,
16(3)9,
17(4)16,
18(2)5,
18(2)7,
18(4)12,
18(4)14
- together,
2(1)3,
9(4)421,
12(4)20,
13(3)24,
14(3)23
- traditional,
1(1)93,
2(3)269,
10(4)4,
11(4)22,
12(1)3,
12(2)10,
12(4)21,
14(1)3,
16(2)8,
17(1)2,
17(3)12,
17(4)14,
17(4)16,
18(2)7
- translate,
13(3)28,
15(2)8
- two,
1(1)26,
2(4)416,
9(4)391,
10(1)4,
10(2)6,
10(2)8,
10(3)10,
10(4)4,
11(2)1,
11(2)4,
11(2)6,
11(3)13,
11(4)22,
12(1)2,
12(1)3,
12(1)4,
12(1)6,
12(3)14,
12(4)20,
13(3)22,
13(3)27,
13(4)40,
14(1)4,
14(1)5,
14(4)30,
15(1)5,
15(2)6,
15(3)11,
15(3)12,
16(1)1,
16(1)2,
16(1)4,
16(3)9,
16(3)10,
16(4)15,
17(4)13,
18(2)5,
18(4)12,
18(4)13,
18(4)14
- using,
2(2)138,
2(2)177,
2(3)332,
4(3)289,
6(2)258,
6(3)327,
9(2)113,
9(2)162,
9(2)181,
9(3)292,
9(3)325,
9(4)461,
10(1)4,
10(2)8,
10(3)11,
10(4)3,
10(4)6,
11(1)2,
11(2)1,
11(2)2,
11(2)3,
11(3)14,
11(4)19,
11(4)21,
12(2)10,
12(2)11,
13(1)2,
13(1)8,
13(3)20,
13(3)26,
13(4)31,
13(4)35,
13(4)39,
14(1)3,
14(1)12,
14(1)14,
14(3)27,
15(3)11,
15(3)12,
15(4)15,
15(4)17,
16(1)1,
16(1)2,
16(1)4,
16(2)5,
16(2)6,
16(3)10,
16(4)17,
17(1)1,
17(2)5,
17(3)10,
17(3)11,
17(4)13,
17(4)14,
17(4)16,
18(2)7,
18(2)8,
18(3)10,
18(3)11,
18(4)14
- very,
1(1)3,
2(1)65,
2(3)269,
10(4)1,
11(2)5,
11(3)14,
11(4)18,
13(3)22,
13(3)27,
14(1)2,
15(3)12,
16(1)1,
16(3)11,
16(4)13,
17(3)10,
17(4)15,
17(4)16,
18(2)7,
18(3)11,
18(4)12,
18(4)14
- whose,
11(4)17,
16(4)17,
18(2)5
- wide,
11(4)19,
12(3)14,
13(3)21,
14(1)10,
15(4)15,
16(2)5,
16(2)7,
16(4)14,
16(4)17,
17(4)16