We introduce return-oriented programming, a technique by which an attacker can induce
arbitrary behavior in a program whose control flow he has diverted, without injecting any …

The wide adoption of non-executable page protections in recent versions of popular
operating systems has given rise to attacks that employ return-oriented programming (ROP) …

Prior work has shown that return oriented programming (ROP) can be used to bypass W⊕
X, a software defense that stops shellcode, by reusing instructions from large libraries such …

Modern runtime attacks increasingly make use of the powerful return-oriented programming
(ROP) attack techniques and principles such as recent attacks on Apple iPhone and Acrobat …

Through randomization of the memory space and the confinement of code to non-data
pages, computer security researchers have made a wide range of attacks against program …

Recently, many defenses against the offensive technique of return-oriented programming
(ROP) have been developed. Prominently among them are kBouncer, ROPecker, and …

Code reuse attacks (CRAs) are recent security exploits that allow attackers to execute
arbitrary code on a compromised machine. CRAs, exemplified by return-oriented and jump …

Return-oriented programming (ROP) has gained a lot of popularity lately, as an attack
against currently implemented defenses in modern operating systems. Several kinds of ROP …

Control-flow integrity (CFI) plays a very important role in defending against code reuse
attacks by protecting the control flows of programs from being hijacked. However, previous …

Software monoculture is a significant liability from a computer security perspective. Single
attacks can ripple through networks and affect large numbers of vulnerable systems. A …