Zero-Sum Defender: Fast and Space-Efficient Defense against Return-Oriented Programming Attacks

Jeehong KIM  Inhyeok KIM  Changwoo MIN  Young Ik EOM  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E97-A   No.1   pp.303-305
Publication Date: 2014/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E97.A.303
Print ISSN: 0916-8508
Type of Manuscript: Special Section LETTER (Special Section on Cryptography and Information Security)
return-oriented programming,  malware defense,  software security,  

Full Text: PDF(282.9KB)>>
Buy this Article

Recently, return-oriented programming (ROP) attacks have been rapidly increasing. In this letter, we introduce a fast and space-efficient defense technique, called zero-sum defender, that can respond against general ROP attacks. Our technique generates additional codes, at compile time, just before return instructions to check whether the execution has been abused by ROP attacks. We achieve very low runtime overhead with very small increase in file size. In our experimental results, performance overhead is 1.7%, and file size overhead is 4.5%.