本論文設計了一套解決方案,名為 ROPRD ,透過修改 Linux Kernel 及 Binary Rewrite,在盡量不影響系統架構及效能的狀況下,來達成 ROP 攻擊的即時偵測。;Return-Oriented Programming (ROP) is a common Buffer-Overflow Attack. The attacker can collect some machine code in the program, which called ′Gadget′, combine those gadgets, and change the return address on the stack. This will cause the program execution process to be controlled by the attacker.
We design a solution called ROPRD. We can detect ROP attacks in real-time without affecting the system architecture and performance by modifying Linux Kernel and using binary rewrite tool.
