Return-Oriented Programming (ROP) is an effective attack technique that can escape modern defenses such as DEP. Instead of injecting code, ROP repeatedly abuses existing code snippets that end with return instructions (called gadgets). Several defense mechanisms have been proposed to counter ROP by enforcing policies on the targets of return instructions, and/or on their frequency. However, these policies have been repeatedly bypassed by more advanced ROP attacks. While stricter policies have the potential to thwart ROP, they lead to incompatibilities that discourage their deployment. In this work, we address this challenge by presenting a principled approach for ROP defense on COTS binaries. Our experimental evaluation shows that our approach enforces a stronger policy, while offering better compatibility and performance than previous research. Our prototype is compatible with many real-world and low-level programs. On the SPEC 2006 benchmark program, it adds...
Rui Qiao, Mingwei Zhang, R. Sekar