Automatic Generation of Multi-modules ROP Based on Static Instructions Assignment

doi:10.12141/j.issn.1000-565X.180255

Journal of South China University of Technology(Natural Science Edition) ›› 2019, Vol. 47 ›› Issue (6): 31-38.doi: 10.12141/j.issn.1000-565X.180255

• Computer Science & Technology • Previous Articles Next Articles

Automatic Generation of Multi-modules ROP Based on Static Instructions Assignment

HUANG Ning HUANG Shuguang HUANG Hui DENG Zhaokun

School of Electronic Warfare，National University of Defense Technology，Hefei 230037，Anhui，China

Received:2017-12-20 Revised:2019-01-20 Online:2019-06-25 Published:2019-05-05
Contact: 黄宁(1990-)，男，博士生，主要从事软件漏洞分析研究． E-mail:809848161@qq.com
About author:黄宁(1990-)，男，博士生，主要从事软件漏洞分析研究．
Supported by:
Supported by the National Key Research and Development Program“Cyberspace Security”(2017YFB0802905)

Abstract

Abstract: Return Oriented Programming (ROP) is a kind of technology to bypass the Data Execution Prevention (DEP)． Existing technologies for automatic ROP generation can not optimize the progress of instructions assign- ment for modules switching in multi-modules ROP payload，leading to the problem of large amounts of memory space are occupied． In order to solve this problem，a new static instructions assignment rule SIA for ROP modules switching was designed based on the automatic ROP generation system Q． SIA constructs intermediate sequence of instructions by static instructions assignment，and finds the address and modifies the pointers by dynamic data fill- ing． Experimental results show that，compared with the existing technologies，the multi-modules ROP payload gen- erated by SIA needs less memory space so that improve the practicability of ROP．

Key words: return oriented programming, data execution prevention, static instructions assignment, multi-mod- ules ROP

CLC Number:

TP311

HUANG Ning HUANG Shuguang HUANG Hui DENG Zhaokun. Automatic Generation of Multi-modules ROP Based on Static Instructions Assignment[J]. Journal of South China University of Technology(Natural Science Edition), 2019, 47(6): 31-38.

[1]	LIU Jiaqi GAO Mu. Incentive Mechanism of Crowdsensing Based on Loss Aversion [J]. Journal of South China University of Technology(Natural Science Edition), 2019, 47(8): 96-104.
[2]	. Formal Semantics of Operators of Normal Function Tables in Tabular Expressions [J]. Journal of South China University of Technology(Natural Science Edition), 2019, 47(2): 85-91.
[3]	HUANG Ning HUANG Shuguang LIANG Zhichao. Detection of Unlink Attack Based on Symbolic Execution [J]. Journal of South China University of Technology (Natural Science Edition), 2018, 46(8): 81-87.
[4]	LIN Weiwei WANG Zetao . Docker Cluster Scheduling Strategy Based on Genetic Algorithm [J]. Journal of South China University of Technology (Natural Science Edition), 2018, 46(3): 127-133.
[5]	Zhou Na-qin Qi De-yu. Parameterized Decomposition Tree-Based Obfuscation Method with Double Flattening Control Flow [J]. Journal of South China University of Technology (Natural Science Edition), 2015, 43(5): 132-138.
[6]	Du Qing Wang Qi-xuan Huang Dong-ping Cai Yi Wang Tao Min Hua-qing. Question Answering System Based on Social Relationship and Recommendation of the Best Answerer [J]. Journal of South China University of Technology (Natural Science Edition), 2015, 43(1): 132-139.
[7]	Li Mu- nan Su Jin- dian Fan Xia. A Novel Software Architecture Model for Pervasive Computing [J]. Journal of South China University of Technology (Natural Science Edition), 2014, 42(7): 40-48.
[8]	Han Di Pan Zhi-hong. Somatic Operation Based on Sensor of Android Mobile Devices [J]. Journal of South China University of Technology(Natural Science Edition), 2012, 40(9): 75-80.
[9]	Jin Lian-Yin Xi Jian-Qing Li Meng-Juan You Jin-Guo Liu Yong Miao De-Cheng. Dtrie-allpair: an Efficient Set T-Overlap Join Algorithm [J]. Journal of South China University of Technology(Natural Science Edition), 2012, 40(6): 109-117.
[10]	Huang Yu-long Xi Jian-qing Zhang Ping-jian Fang Xiao-lin Liu Yong. GBLHT: a GPU-Accelerated Linear Hash Table with Batch Insertion [J]. Journal of South China University of Technology(Natural Science Edition), 2012, 40(4): 49-56.
[11]	Liang Ru-bing Liu Qiong. KNN Query Technology of Mobile Terminals in Highway Networks [J]. Journal of South China University of Technology(Natural Science Edition), 2012, 40(1): 138-145,158.
[12]	Chen Wei Ding Qiu-lin Xie Qiang. Interactive Data Migration System and Its Approximately-detecting Efficiency Optimization [J]. Journal of South China University of Technology(Natural Science Edition), 2004, 32(2): 58-61.
[13]	. An Optimized Distributed Query Algorithm for Virtural Database System [J]. Journal of South China University of Technology(Natural Science Edition), 2003, 31(11): 24-29.
[14]	Wen Hu-i ying Zou Xian-min X u Jian-min. Development and Application of Transportation Database System for the Bus Station of Guangdong Province [J]. Journal of South China University of Technology(Natural Science Edition), 2003, 31(11): 61-64.
[15]	Fan Chong-gui Wen Jun Wen Gu-i hua Ding Y ue-hua. Product Model Based on Extended Object-oriented Petri Net [J]. Journal of South China University of Technology(Natural Science Edition), 2003, 31(10): 32-35.

Automatic Generation of Multi-modules ROP Based on Static Instructions Assignment

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments