Abstract:

Code reuse attacks make use of binary code existed in the attacked target to perform attack action,such technique breaks out the traditional assumption that malicious behavior always be introduced from the outside，it is representative sample of the advanced memory corruption techniques and also the focus of attention in the software security research field.The generation background and implementation principle were described firstly,and then the recent progresses of the technique,including improvement and variants,implementation methods under the different architecture platforms,automatic construction and important extension including blind ROP and non-control data attacks based on code reuse attacks,were introduced respectively.Various defense mechanisms and possible counter-defense methods for code reuse attacks were also discussed.Finally a perspective of the future work in this research area was discussed.

Key words: software security, code reuse, return-oriented programming (ROP), research progress 版权 © 2019 《网络与信息安全学报》编辑部
地址：北京市丰台区东铁匠营街道顺八条1号院B座“北阳晨光大厦”2层
邮编：100079   电话：010-53879136/53879138/53879139
电子邮件：[email protected]