Find in Library

Code reuse attacks make use of binary code existed in the attacked target to perform attack action, such technique breaks out the traditional assumption that malicious behavior always be introduced from the outside，it is representative sample of the advanced memory corruption techniques and also the focus of attention in the software security research field. The generation background and implementation principle were described firstly, and then the recent progresses of the technique, including improvement and variants, implementation methods under the different architecture platforms, automatic construction and important extension including blind ROP and non-control data attacks based on code reuse attacks, were introduced respectively. Various defense mechanisms and possible counter-defense methods for code reuse attacks were also discussed. Finally a perspective of the future work in this research area was discussed.