iROP - Interesting ROP gadgets presented at SourceBoston 2015

by Xiaoning Li,

Summary : Today ROP based exploits are still very popular. Security solutions including EMET/KBouncer have designed different policies such as call-preceded ret location to detect/block ROP gadgets, at the same time control flow integrity becomes the popular proposal to solve ROP problem. But researcher finally found valid gadgets are still enough to create ROP chains. In this talk, we will discuss existing ROP defense approaches and evaluate new proposal like CFI/Shadow Stack with more powerful interesting gadgets.