Abstract
AbstractNon-executable memory pages were deployed in operating systems in order to defend against code injection attacks. However, it was bypassed by reusing codes that already exist in the process memory which have the execute permission. The Return-Oriented Programming (ROP), of the most well-known code reuse attack, has been developed and widely used to exploit systems. ROP hijacks the control flow and returns to the middle of instruction sequences that end with a return instruction. These instruction sequences are called gadgets. Researchers proposed many ROP defense mechanisms which mostly relied on the fact that ROP executes many return instructions. Proposed defenses however, are not fundamental defenses. Researches found that the concept of ROP can be implemented in Linux using jump instructions instead of return instructions, therefore successfully bypassing ROP defenses. However, no research was done on implementing the attack on non-Linux systems. In this paper, we show the possibility of implementing JOP (Jump Oriented Programming) attack model on Windows platform by presenting example gadgets and propose an algorithm for searching JOP gadgets in Dynamic Link Libraries.KeywordsSecurityJump Oriented ProgrammingCode Reuse Attack
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
