Show simple item record

dc.contributor.advisorGondree, Mark
dc.contributor.authorKeener, Lawrence
dc.dateDec-15
dc.date.accessioned2016-02-17T18:39:12Z
dc.date.available2016-02-17T18:39:12Z
dc.date.issued2015-12
dc.identifier.urihttp://hdl.handle.net/10945/47979
dc.descriptionApproved for public release; distribution is unlimiteden_US
dc.description.abstractWe consider a recently proposed information disclosure vulnerability called blind return-oriented programming (BROP). Under certain conditions, this attack allows a return-oriented programming attack against previously unknown binaries. We precisely enumerate the assumptions for a successful BROP attack to take place. We analyze prerequisite knowledge to perform a BROP attack, including the need to exploit a stack-based buffer overflow. In particular, we examine the types of buffer-handling functions and canaries that may render these functions useless for exploitation purposes. We survey network service binaries, to examine how often different BROP requirements are satisfied in real software, including the presence of certain gadgets and the behavior on crashes. We find if an optimized attack fails, a first principles BROP attack is unlikely to succeed. Our survey shows that certain required gadgets are rare, limiting a first principles attack.We show the presence of required gadgets fluctuates with binary version number and build conditions. The majority of the services we survey do not appear vulnerable to BROP due to missing gadgets or re-randomization on crash. We suggest some ameliorations that may further limit the applicability of this attack.en_US
dc.description.urihttp://archive.org/details/evaluatinggenera1094547979
dc.publisherMonterey, California: Naval Postgraduate Schoolen_US
dc.rightsCopyright is reserved by the copyright owner.en_US
dc.titleEvaluating the generality and limits of blind return-oriented programming attacksen_US
dc.typeThesisen_US
dc.contributor.secondreaderEagle, Chris
dc.contributor.departmentComputer Science
dc.contributor.departmentComputer Scienceen_US
dc.subject.authorBROPen_US
dc.subject.authorreturn-oriented programmingen_US
dc.subject.authorROPen_US
dc.subject.authorreturn-to-libcen_US
dc.subject.authorimplementation disclosure attacksen_US
dc.description.recognitionOutstanding Thesisen_US
dc.description.serviceCivilian, Vista Researchen_US
etd.thesisdegree.nameMaster of Science in Computer Scienceen_US
etd.thesisdegree.levelMastersen_US
etd.thesisdegree.disciplineComputer Scienceen_US
etd.thesisdegree.grantorNaval Postgraduate Schoolen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record