Entry Roemer:2012:ROP from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Roemer:2012:ROP,
  author =       "Ryan Roemer and Erik Buchanan and Hovav Shacham and
                 Stefan Savage",
  title =        "Return-Oriented Programming: Systems, Languages, and
                 Applications",
  journal =      j-TISSEC,
  volume =       "15",
  number =       "1",
  pages =        "2:1--2:??",
  month =        mar,
  year =         "2012",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/2133375.2133377",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Sat Mar 24 09:45:43 MDT 2012",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "We introduce return-oriented programming, a technique
                 by which an attacker can induce arbitrary behavior in a
                 program whose control flow he has diverted, without
                 injecting any code. A return-oriented program chains
                 together short instruction sequences already present in
                 a program's address space, each of which ends in a
                 ``return'' instruction. Return-oriented programming
                 defeats the $W \oplus X$ protections recently deployed
                 by Microsoft, Intel, and AMD; in this context, it can
                 be seen as a generalization of traditional
                 return-into-libc attacks. But the threat is more
                 general. Return-oriented programming is readily
                 exploitable on multiple architectures and systems. It
                 also bypasses an entire category of security
                 measures---those that seek to prevent malicious
                 computation by preventing the execution of malicious
                 code. To demonstrate the wide applicability of
                 return-oriented programming, we construct a
                 Turing-complete set of building blocks called gadgets
                 using the standard C libraries of two very different
                 architectures: Linux/x86 and Solaris/SPARC. To
                 demonstrate the power of return-oriented programming,
                 we present a high-level, general-purpose language for
                 describing return-oriented exploits and a compiler that
                 translates it to gadgets.",
  acknowledgement = ack-nhfb,
  articleno =    "2",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
}

Related entries

address, 2(1)65, 2(4)390, 10(2)8, 10(3)12, 11(1)4, 11(2)3, 11(3)12, 12(2)11, 13(3)22, 13(3)26, 13(4)31, 13(4)38, 13(4)40, 14(1)3, 15(2)6, 15(2)8, 16(3)11, 16(4)14, 17(1)1, 17(1)2, 17(1)4, 17(2)8, 17(3)11
already, 10(1)2, 13(3)27, 14(4)32, 17(4)16
any, 1(1)66, 1(1)93, 2(4)390, 9(4)461, 10(3)10, 10(3)12, 10(4)1, 10(4)4, 11(2)4, 11(2)6, 11(3)13, 11(3)16, 11(4)20, 12(1)3, 12(1)5, 12(1)6, 12(2)8, 12(2)9, 12(2)10, 12(3)14, 12(3)18, 12(3)19, 12(4)20, 13(1)10, 13(3)28, 13(4)33, 13(4)39, 14(1)6, 14(1)8, 14(1)9, 14(4)32, 15(2)9, 15(2)10, 15(4)17, 16(2)6, 16(2)7, 16(3)12, 16(4)13, 16(4)15, 17(2)8, 17(3)9, 17(3)11, 18(1)1
application, 1(1)66, 2(2)159, 2(2)177, 2(4)354, 4(2)103, 7(1)1, 7(1)97, 8(3)287, 9(1)1, 9(1)94, 10(1)2, 10(2)6, 10(4)3, 11(1)2, 11(1)3, 11(3)14, 11(3)16, 11(4)22, 12(1)2, 12(1)3, 12(2)11, 12(3)14, 12(4)21, 13(1)4, 13(1)10, 13(2)17, 13(3)22, 13(3)26, 13(4)38, 13(4)39, 14(1)2, 14(1)3, 14(1)6, 14(1)8, 14(1)9, 14(2)19, 14(3)27, 15(1)4, 16(1)1, 16(1)2, 16(2)6, 16(3)9, 16(4)13, 16(4)17, 17(2)5, 17(4)13, 18(3)10, 18(4)12
arbitrary, 10(4)1, 10(4)2, 11(3)12, 13(4)38, 14(1)6, 14(1)13, 17(3)10
architecture, 2(2)177, 2(3)269, 4(3)289, 8(2)187, 10(4)6, 11(1)2, 11(1)3, 13(4)37, 14(1)3, 15(3)13, 16(1)1, 16(2)5, 16(3)11, 17(2)8, 18(2)8
attacker, 2(2)159, 8(1)78, 10(1)4, 10(4)3, 10(4)6, 11(3)12, 11(3)15, 12(1)4, 12(2)12, 12(3)17, 12(4)22, 13(4)37, 14(1)7, 14(1)13, 14(4)31, 15(4)16, 17(2)8, 17(3)11, 17(4)13, 17(4)16, 18(1)1, 18(2)7, 18(4)13
behavior, 2(3)295, 2(4)354, 10(4)6, 11(4)19, 12(1)5, 12(3)14, 12(3)19, 14(1)10, 14(4)32, 15(2)10, 15(3)14, 16(3)12, 17(2)8, 18(2)5, 18(2)7, 18(3)9
block, 10(1)4, 13(4)33, 13(4)39, 14(1)5, 14(1)12, 15(2)6, 16(1)2, 17(4)15
building, 10(1)4, 12(3)19
bypass, 11(4)22
C, 16(3)9
called, 1(1)3, 1(1)66, 2(1)105, 2(2)177, 2(3)269, 10(1)4, 11(1)3, 11(3)14, 12(3)15, 13(1)10, 13(3)26, 13(3)27, 14(1)13, 14(4)28, 15(2)9, 15(4)18, 16(2)6, 17(1)2, 17(3)10, 17(4)16, 18(1)3
category, 16(4)14
chain, 2(2)159, 10(4)3, 12(3)15, 14(1)5, 15(4)17, 18(2)7
code, 5(3)238, 6(2)258, 11(4)23, 12(2)10, 12(2)11, 12(3)14, 12(3)19, 13(1)10, 13(2)17, 13(3)21, 15(1)3, 15(2)10, 16(1)1, 16(2)6, 16(2)7, 16(3)9, 18(4)12
compiler, 13(3)21, 17(4)13
computation, 1(1)26, 2(3)332, 9(4)461, 11(2)6, 12(1)6, 13(3)22, 13(4)29, 14(1)5, 14(4)29, 14(4)31, 15(2)9, 16(3)11, 17(3)11
construct, 9(2)181, 12(1)3, 12(3)19, 13(4)36, 17(1)2, 17(2)7
context, 7(3)392, 10(1)2, 10(2)8, 10(3)12, 10(4)2, 11(3)13, 11(3)16, 12(3)18, 12(4)20, 14(1)2, 14(1)4, 15(2)8, 15(4)16, 17(2)7, 17(3)12, 18(3)10
defeat, 14(1)13, 14(3)27
demonstrate, 2(3)295, 10(1)4, 10(4)1, 10(4)4, 10(4)6, 11(1)3, 11(3)16, 11(4)22, 12(1)4, 12(3)19, 13(1)10, 13(4)30, 13(4)31, 13(4)38, 14(3)27, 15(1)4, 15(2)7, 15(3)12, 15(3)13, 15(4)16, 16(3)9, 16(3)10, 17(2)8, 17(3)10, 17(3)12, 17(4)16, 18(2)8, 18(4)12, 18(4)14
deployed, 10(3)11, 11(3)14, 13(3)26, 14(3)23, 15(2)6, 15(3)13, 15(4)16, 17(3)9, 18(1)1
describing, 1(1)66
different, 1(1)26, 1(1)93, 2(1)105, 2(2)138, 2(3)269, 10(1)2, 10(1)4, 10(4)4, 12(1)3, 12(3)14, 13(1)10, 13(3)27, 13(3)28, 14(1)4, 14(4)28, 15(2)7, 15(2)10, 16(1)3, 16(2)7, 16(3)9, 16(4)15, 17(2)7, 17(4)14, 18(1)1, 18(3)11
each, 2(1)65, 2(2)138, 2(4)390, 9(4)421, 9(4)461, 10(1)4, 10(2)8, 10(3)10, 10(3)12, 11(3)14, 11(4)18, 11(4)23, 12(1)6, 12(2)8, 12(2)10, 12(3)18, 12(4)20, 13(1)10, 13(4)29, 13(4)34, 14(3)25, 14(3)26, 14(3)27, 14(4)32, 15(2)6, 16(4)14, 16(4)17, 17(2)8, 17(3)10, 17(3)12, 17(4)13, 18(1)4
end, 9(4)461, 10(2)8, 14(2)19, 15(4)17, 17(3)10, 18(1)1, 18(2)7
entire, 2(1)105, 14(3)25
execution, 1(1)26, 10(4)3, 12(2)10, 12(2)11, 12(3)14, 14(1)6, 14(2)15, 14(4)32, 15(2)10, 15(3)13, 16(1)3, 16(2)6, 16(2)7, 18(1)2, 18(1)4
exploit, 2(4)416, 12(1)1, 12(2)11, 12(4)22, 13(3)28, 16(4)13, 17(1)1, 17(3)11
flow, 1(1)26, 1(1)93, 10(2)7, 12(1)5, 12(2)11, 13(3)26, 14(3)24, 16(1)1, 16(2)6, 18(2)8
general, 1(1)66, 2(1)65, 2(1)105, 2(2)159, 2(3)230, 2(3)269, 9(2)181, 9(4)391, 10(1)2, 10(4)1, 11(1)3, 12(1)2, 12(1)5, 12(3)18, 12(4)20, 13(3)28, 15(3)13, 16(1)2, 16(1)4, 16(2)7, 17(1)3, 17(1)4, 18(1)3, 18(3)10, 18(4)12
general-purpose, 11(4)18, 16(3)10
generalization, 12(1)5, 15(4)15
has, 1(1)93, 2(1)105, 2(2)138, 2(3)230, 2(3)269, 2(3)332, 9(4)391, 10(1)3, 10(1)4, 10(3)10, 11(1)2, 11(2)2, 11(3)14, 11(4)17, 11(4)19, 11(4)22, 11(4)23, 12(1)2, 12(2)9, 12(2)10, 12(3)15, 12(4)22, 13(3)20, 13(3)25, 13(3)26, 13(3)27, 13(3)28, 13(4)36, 14(1)3, 14(1)12, 14(1)14, 14(3)26, 14(4)28, 15(2)6, 15(2)10, 15(3)12, 16(2)8, 16(4)14, 17(1)2, 17(1)3, 17(3)9, 17(3)11, 17(4)14, 17(4)15, 17(4)16, 18(2)7, 18(3)11, 18(4)14
high-level, 9(2)181, 13(3)24, 15(2)8
induce, 16(2)6
instruction, 8(1)3, 16(2)7
introduce, 1(1)66, 1(1)93, 2(3)230, 2(4)390, 9(2)162, 10(1)2, 10(1)3, 10(4)2, 11(2)5, 11(3)12, 11(4)17, 12(1)1, 12(1)3, 12(1)5, 12(2)13, 12(3)14, 12(3)15, 12(4)20, 13(3)24, 13(3)27, 13(4)32, 14(1)3, 14(1)12, 16(2)7, 16(3)9, 16(3)12, 16(4)17, 17(2)7, 17(3)9
language, 2(1)65, 9(4)391, 9(4)421, 10(1)3, 10(2)8, 11(1)2, 11(1)4, 11(4)21, 12(1)1, 12(2)12, 13(3)20, 13(3)24, 13(3)26, 13(3)28, 14(1)9, 15(2)8, 16(1)3, 16(3)9, 16(4)17, 17(1)2, 17(1)3
level, high-, 9(2)181, 13(3)24, 15(2)8
library, 2(4)354, 10(2)8, 12(2)10, 14(4)31, 16(2)5, 16(3)9, 18(1)4
malicious, 2(2)177, 2(3)295, 10(3)11, 10(4)6, 11(2)2, 11(3)13, 11(3)14, 11(3)15, 11(4)22, 11(4)23, 12(2)12, 12(3)14, 14(1)13, 15(4)17, 16(2)6, 16(3)12, 16(4)13, 16(4)14, 17(3)10, 17(3)12, 17(4)13, 18(2)5
measure, 2(3)269, 2(3)295, 9(2)162, 10(4)5, 11(4)17, 12(3)17, 12(4)22, 13(3)22, 13(4)36, 16(2)6, 17(1)1, 18(1)1, 18(2)5
Microsoft, 13(1)10, 16(2)7, 17(4)14
more, 2(1)3, 2(1)65, 2(3)332, 9(2)181, 9(4)391, 9(4)421, 9(4)461, 10(1)4, 10(3)9, 10(4)1, 10(4)4, 10(4)6, 11(2)3, 11(2)4, 11(2)6, 11(3)14, 11(4)21, 12(1)1, 12(2)8, 12(2)10, 12(2)12, 12(2)13, 12(3)18, 13(1)10, 13(3)20, 13(3)21, 13(3)22, 13(3)28, 13(4)32, 13(4)34, 13(4)39, 14(3)27, 14(4)31, 15(1)5, 15(2)8, 15(2)9, 15(3)11, 15(3)12, 15(4)16, 16(1)2, 16(2)8, 16(3)10, 16(3)11, 16(4)17, 17(1)2, 17(1)3, 17(3)9, 17(4)14, 17(4)16, 18(1)1, 18(3)11, 18(4)13
multiple, 2(2)138, 2(2)177, 2(4)390, 11(1)4, 11(4)18, 11(4)22, 11(4)23, 12(1)3, 13(4)32, 13(4)36, 14(1)4, 14(1)6, 14(3)25, 14(4)31, 15(3)13, 15(4)16, 15(4)17, 18(4)13
power, 1(1)93, 9(2)162, 10(4)1, 12(2)10, 14(1)7, 14(1)8, 14(1)13, 18(2)5, 18(2)7
present, 1(1)26, 2(1)3, 2(1)65, 2(2)177, 2(3)230, 2(3)269, 2(3)295, 2(4)354, 7(2)319, 9(2)181, 9(4)461, 10(1)2, 10(2)7, 10(3)10, 10(3)11, 10(3)12, 10(4)2, 10(4)3, 11(1)2, 11(1)4, 11(2)2, 11(2)5, 11(3)14, 11(4)22, 12(1)2, 12(1)4, 12(2)10, 12(2)11, 12(3)14, 12(3)15, 12(3)16, 12(3)17, 12(4)22, 13(1)10, 13(3)20, 13(3)22, 13(3)25, 13(3)28, 13(4)29, 13(4)41, 14(1)4, 14(1)5, 14(1)6, 15(2)6, 15(2)8, 15(2)10, 15(3)12, 15(3)13, 15(4)16, 15(4)18, 16(2)6, 16(2)7, 16(4)13, 16(4)14, 17(1)4, 17(2)6, 17(2)7, 17(2)8, 17(3)9, 17(3)12, 17(4)14, 17(4)15, 17(4)16, 18(1)3, 18(1)4, 18(2)7, 18(3)9, 18(3)10, 18(3)11, 18(4)12, 18(4)14
prevent, 2(4)354, 13(1)10, 13(4)37, 14(1)11, 14(3)27, 15(2)10, 16(1)1, 16(1)3
preventing, 12(2)12, 15(3)13
program, 2(1)65, 2(3)332, 11(3)14, 12(1)1, 12(2)10, 12(2)11, 12(3)16, 12(3)19, 13(3)21, 14(3)24, 15(2)10, 16(2)7, 17(1)2, 17(3)11, 18(1)4
programming, 6(4)501, 10(2)7, 12(1)6, 15(2)8, 17(1)2
protection, 1(1)3, 1(1)26, 1(1)66, 1(1)93, 2(1)3, 2(1)34, 2(1)105, 2(2)138, 2(2)177, 2(3)230, 2(3)295, 2(4)354, 2(4)390, 10(1)3, 10(3)9, 11(4)20, 12(2)9, 12(2)11, 13(3)22, 14(3)24, 15(2)8, 16(2)6
purpose, general-, 11(4)18
readily, 16(3)11
recently, 2(4)416, 9(2)181, 13(3)26, 13(3)28, 13(4)37, 14(3)27, 15(2)7, 16(3)10, 16(4)14, 16(4)17, 17(4)14, 17(4)16, 18(1)1
return, 11(2)5, 12(3)16, 13(3)28
seek, 14(1)2
seen, 14(3)26, 18(4)14
sequence, 2(3)295, 10(2)8, 13(3)20, 13(4)35, 14(4)32, 15(2)10, 16(2)8
set, 2(1)34, 2(2)138, 2(4)390, 8(1)3, 9(4)421, 10(2)5, 10(3)12, 10(4)2, 10(4)3, 10(4)5, 11(2)1, 11(2)3, 11(3)13, 11(4)18, 11(4)21, 12(2)11, 12(3)18, 12(3)19, 12(4)20, 12(4)21, 13(1)9, 13(1)10, 13(3)27, 13(4)40, 14(1)12, 14(3)25, 14(4)31, 15(2)7, 15(2)10, 15(3)13, 15(4)15, 16(1)4, 17(1)2, 17(2)8, 17(3)11, 17(4)13, 17(4)14, 18(1)4, 18(3)10, 18(3)11
Shacham, Hovav, 7(4)553
short, 18(1)2
space, 2(3)295, 6(1)43, 6(3)327, 10(4)5, 12(2)8, 12(3)18, 12(3)19, 14(1)14, 18(4)13
standard, 2(3)230, 2(4)416, 4(3)224, 7(2)319, 10(2)8, 10(3)11, 10(3)12, 11(1)4, 11(2)4, 12(1)1, 12(3)18, 13(3)28, 13(4)35, 13(4)37, 13(4)41, 16(1)2, 16(1)3, 16(3)10, 16(4)15, 17(3)11, 17(4)16, 18(4)14
technique, 1(1)3, 2(2)138, 2(3)230, 2(3)295, 2(4)416, 7(2)274, 9(4)391, 9(4)461, 10(2)6, 10(3)9, 10(4)6, 11(2)2, 11(3)12, 11(3)16, 11(4)17, 11(4)18, 11(4)22, 12(1)4, 12(2)11, 12(2)13, 12(3)16, 12(3)18, 13(3)22, 13(3)25, 13(3)28, 13(4)32, 13(4)33, 13(4)35, 13(4)36, 13(4)39, 14(1)3, 14(1)5, 14(1)6, 14(1)13, 14(3)24, 14(4)32, 15(1)5, 15(2)7, 15(2)8, 15(3)12, 15(4)17, 15(4)18, 16(1)2, 16(2)6, 16(2)7, 16(3)11, 16(4)13, 16(4)14, 17(3)9, 17(3)12, 17(4)16, 18(1)2, 18(2)6, 18(3)11
threat, 7(4)489, 10(3)11, 11(2)2, 11(2)3, 12(2)12, 14(1)7, 14(3)24, 15(2)7, 16(2)6, 16(2)8, 16(3)9, 17(4)16, 18(2)5, 18(2)7, 18(4)12, 18(4)14
together, 2(1)3, 9(4)421, 12(4)20, 13(3)24, 14(3)23
traditional, 1(1)93, 2(3)269, 10(4)4, 11(4)22, 12(1)3, 12(2)10, 12(4)21, 14(1)3, 16(2)8, 17(1)2, 17(3)12, 17(4)14, 17(4)16, 18(2)7
translate, 13(3)28, 15(2)8
two, 1(1)26, 2(4)416, 9(4)391, 10(1)4, 10(2)6, 10(2)8, 10(3)10, 10(4)4, 11(2)1, 11(2)4, 11(2)6, 11(3)13, 11(4)22, 12(1)2, 12(1)3, 12(1)4, 12(1)6, 12(3)14, 12(4)20, 13(3)22, 13(3)27, 13(4)40, 14(1)4, 14(1)5, 14(4)30, 15(1)5, 15(2)6, 15(3)11, 15(3)12, 16(1)1, 16(1)2, 16(1)4, 16(3)9, 16(3)10, 16(4)15, 17(4)13, 18(2)5, 18(4)12, 18(4)13, 18(4)14
using, 2(2)138, 2(2)177, 2(3)332, 4(3)289, 6(2)258, 6(3)327, 9(2)113, 9(2)162, 9(2)181, 9(3)292, 9(3)325, 9(4)461, 10(1)4, 10(2)8, 10(3)11, 10(4)3, 10(4)6, 11(1)2, 11(2)1, 11(2)2, 11(2)3, 11(3)14, 11(4)19, 11(4)21, 12(2)10, 12(2)11, 13(1)2, 13(1)8, 13(3)20, 13(3)26, 13(4)31, 13(4)35, 13(4)39, 14(1)3, 14(1)12, 14(1)14, 14(3)27, 15(3)11, 15(3)12, 15(4)15, 15(4)17, 16(1)1, 16(1)2, 16(1)4, 16(2)5, 16(2)6, 16(3)10, 16(4)17, 17(1)1, 17(2)5, 17(3)10, 17(3)11, 17(4)13, 17(4)14, 17(4)16, 18(2)7, 18(2)8, 18(3)10, 18(3)11, 18(4)14
very, 1(1)3, 2(1)65, 2(3)269, 10(4)1, 11(2)5, 11(3)14, 11(4)18, 13(3)22, 13(3)27, 14(1)2, 15(3)12, 16(1)1, 16(3)11, 16(4)13, 17(3)10, 17(4)15, 17(4)16, 18(2)7, 18(3)11, 18(4)12, 18(4)14
whose, 11(4)17, 16(4)17, 18(2)5
wide, 11(4)19, 12(3)14, 13(3)21, 14(1)10, 15(4)15, 16(2)5, 16(2)7, 16(4)14, 16(4)17, 17(4)16