Download now Free registration required
The authors introduce return-oriented programming, a technique by which an attacker can induce arbitrary behavior in a program whose control flow he has diverted - without injecting any code. A return-oriented program chains together short instruction sequences already present in a program's address space, each of which ends in a "Return" instruction. Return-oriented programming is readily exploitable on multiple architectures and systems, and bypasses an entire category of security measures: those that seek to prevent malicious computation by preventing the execution of malicious code.
- Format: PDF
- Size: 616.26 KB