Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

ROP is Still Dangerous - Breaking Modern Defenses

USENIX via YouTube

Overview

Explore a critical security presentation from USENIX Security '14 that examines the ongoing threat of Return Oriented Programming (ROP) and introduces three new attack methods capable of bypassing modern ROP defenses. Delve into the vulnerabilities of kBouncer and ROPecker, two low-overhead defense mechanisms designed for legacy software on existing hardware. Analyze real-world ROP attacks and learn how the presented techniques can effectively cloak them from detection. Gain insights into the weaknesses of CFI-based defenses and understand the implications for future security measures. The 17-minute talk covers topics including ROP background, normal execution patterns, non-call-preceded returns, attack detection methods, large NOP gadgets, history flushing, and the introduction of kBouncer++. Conclude by examining related work and discussing the broader implications for defensive strategies in cybersecurity.

Syllabus

Intro
Background
Return Oriented Programming
Normal Execution
Non-Call-Preceded Return
Detecting Attacks
Large NOP Gadget
History Flushing
Introducing kBouncer++
Call-Preceded Detector Insufficient
Defeating kBouncer++
Results
Related Work
Implication for Defenses

Taught by

USENIX

Reviews

Start your review of ROP is Still Dangerous - Breaking Modern Defenses

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.