{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:17:01Z","timestamp":1763468221251},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319113784"},{"type":"electronic","value":"9783319113791"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-11379-1_5","type":"book-chapter","created":{"date-parts":[[2014,8,19]],"date-time":"2014-08-19T23:14:54Z","timestamp":1408490094000},"page":"88-108","source":"Crossref","is-referenced-by-count":36,"title":["Evaluating the Effectiveness of Current Anti-ROP Defenses"],"prefix":"10.1007","author":[{"given":"Felix","family":"Schuster","sequence":"first","affiliation":[]},{"given":"Thomas","family":"Tendyck","sequence":"additional","affiliation":[]},{"given":"Jannik","family":"Pewny","sequence":"additional","affiliation":[]},{"given":"Andreas","family":"Maa\u00df","sequence":"additional","affiliation":[]},{"given":"Martin","family":"Steegmanns","sequence":"additional","affiliation":[]},{"given":"Moritz","family":"Contag","sequence":"additional","affiliation":[]},{"given":"Thorsten","family":"Holz","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","unstructured":"Mplayer (r33064 lite) buffer overflow + ROP exploit (2011), http:\/\/www.exploit-db.com\/exploits\/17124\/"},{"key":"5_CR2","unstructured":"Microsoft BlueHat Prize (2012), http:\/\/www.microsoft.com\/security\/bluehatprize\/"},{"key":"5_CR3","unstructured":"Advanced Micro Devices. AMD64 Architecture Programmers Manual Volume 2: System Programming, Publication no. 24593 Rev. 3.24 (December 2013)"},{"key":"5_CR4","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/1966913.1966919","volume-title":"Proceedings of ACM Symposium on Information, Computer and Communications Security (ASIACCS)","author":"T. Bletsch","year":"2011","unstructured":"Bletsch, T., Jiang, X., Freeh, V.W., Liang, Z.: Jump-oriented programming: A new class of code-reuse attack. In: Proceedings of ACM Symposium on Information, Computer and Communications Security (ASIACCS), pp. 30\u201340. ACM, New York (2011)"},{"key":"5_CR5","unstructured":"Checkoway, S.: Return-oriented programming\u2019s status is unchanged. Blog (October 2013), https:\/\/www.cs.jhu.edu\/~s\/musings\/rop.html"},{"key":"5_CR6","first-page":"559","volume-title":"Proceedings of ACM Conference on Computer and Communications Security (CCS)","author":"S. Checkoway","year":"2010","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.-R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), pp. 559\u2013572. ACM, New York (2010)"},{"key":"5_CR7","unstructured":"Chen, W.: Here\u2019s that FBI Firefox exploit for you (CVE-2013-1690) (August 2013), https:\/\/community.rapid7.com\/community\/metasploit\/blog\/2013\/08\/07\/heres-that-fbi-firefox-exploit-for-you-cve-2013-1690"},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"Cheng, Y., Zhou, Z., Yu, M., Ding, X., Deng, R.H.: ROPecker: A generic and practical approach for defending against ROP attacks. In: Symposium on Network and Distributed System Security, NDSS (2014)","DOI":"10.14722\/ndss.2014.23156"},{"key":"5_CR9","unstructured":"Dullien, T., Kornau, T., Weinmann, R.-P.: A framework for automated architecture-independent gadget search. In: USENIX Workshop on Offensive Technologies, WOOT (2010)"},{"key":"5_CR10","unstructured":"Fratric, I.: Runtime Prevention of Return-Oriented Programming Attacks, http:\/\/ropguard.googlecode.com\/svn-history\/r2\/trunk\/doc\/ropguard.pdf"},{"key":"5_CR11","unstructured":"Fratric, I.: My BlueHat prize entry: ROPGuard \u2013 runtime prevention of return-oriented programming attacks. Blog (August 2012), http:\/\/ifsec.blogspot.de\/2012\/08\/my-bluehat-prize-entry-ropguard-runtime.html"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"G\u00f6kta\u015f, E., Athanasopoulos, E., Bos, H., Portokalidis, G.: Out of control: Overcoming control-flow integrity. In: IEEE Symposium on Security and Privacy (2014)","DOI":"10.1109\/SP.2014.43"},{"key":"5_CR13","unstructured":"Homescu, A., Stewart, M., Larsen, P., Brunthaler, S., Franz, M.: Microgadgets: Size Does Matter in Turing-Complete Return-Oriented Programming. In: USENIX Workshop on Offensive Technologies, WOOT (2012)"},{"key":"5_CR14","unstructured":"Hund, R., Holz, T., Freiling, F.C.: Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms. In: USENIX Security Symposium (2009)"},{"key":"5_CR15","unstructured":"Intel. Intel 64 and IA-32 architectures software developers manual, volume 1, 2A, 2B, 2C, 3A, 3B and 3C, 325462-048US (September 2013)"},{"key":"5_CR16","unstructured":"Joly, N.: Advanced exploitation of Internet Explorer 10 \/ Windows 8 overflow, Pwn2Own 2013 (2013), http:\/\/www.vupen.com\/blog\/20130522.Advanced_Exploitation_of_IE10_Windows8_Pwn2Own_2013.php"},{"key":"5_CR17","unstructured":"Krahmer, S.: x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique (2005), http:\/\/users.suse.com\/~krahmer\/no-nx.pdf"},{"key":"5_CR18","first-page":"190","volume-title":"SIGPLAN Not.","author":"C.-K. Luk","year":"2005","unstructured":"Luk, C.-K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: Building customized program analysis tools with dynamic instrumentation. In: SIGPLAN Not., vol.\u00a040(6), pp. 190\u2013200. ACM, New York (2005)"},{"key":"5_CR19","unstructured":"Microsoft Corporation. Enhanced mitigation experience toolkit 4.1\u2014user guide (2013)"},{"key":"5_CR20","unstructured":"Microsoft Developer Network. Argument passing and naming conventions, http:\/\/msdn.microsoft.com\/en-us\/library\/984x0h58.aspx"},{"key":"5_CR21","unstructured":"Microsoft Developer Network. C run-time library reference: _onexit (2012), http:\/\/msdn.microsoft.com\/en-us\/library\/zk17ww08.aspx"},{"key":"5_CR22","unstructured":"Microsoft Security Research & Defense. Introducing enhanced mitigation experience toolkit (EMET) 4.1 (November 2013), http:\/\/www.microsoft.com\/security\/bluehatprize\/"},{"key":"5_CR23","unstructured":"Nergal. The advanced return-into-lib(c) exploits: PaX case study (2001), http:\/\/phrack.org\/issues\/58\/4.html"},{"key":"5_CR24","unstructured":"Pappas, V.: kBouncer: Efficient and transparent ROP mitigation, http:\/\/www.cs.columbia.edu\/~vpappas\/papers\/kbouncer.pdf"},{"key":"5_CR25","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Transparent ROP exploit mitigation using indirect branch tracing. In: USENIX Security Symposium (2013)"},{"key":"5_CR26","unstructured":"Portnoy, A.: Bypassing all of the things (2013), https:\/\/www.exodusintel.com\/files\/Aaron_Portnoy-Bypassing_All_Of_The_Things.pdf"},{"key":"5_CR27","unstructured":"Rapid7 Vulnerability & Exploit Database. Nginx HTTP server 1.3.9\u20131.4.0 chunked encoding stack buffer overflow (2013), http:\/\/www.rapid7.com\/db\/modules\/exploit\/linux\/http\/nginx_chunked_size"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-oriented programming: Systems, languages, and applications. ACM Transactions on Information and System Security\u00a015(1), 2:1\u20132:34 (2012)","DOI":"10.1145\/2133375.2133377"},{"key":"5_CR29","unstructured":"Russinovich, M., Solomon, D.A., Ionescu, A.: Windows Internals, Part 1, 6th edn. Microsoft Press (2012)"},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"Schuster, F., Tendyck, T., Pewny, J., Maa\u00df, A., Steegmanns, M., Contag, M., Holz, T.: Evaluating the effectiveness of current anti-ROP defenses. Technical Report TR-HGI-2014-001, Ruhr-Universit\u00e4t Bochum (May 2014), http:\/\/syssec.rub.de\/research\/publications\/Evaluating-Anti-ROP-Defenses\/","DOI":"10.1007\/978-3-319-11379-1_5"},{"key":"5_CR31","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: Q: Exploit hardening made easy. In: USENIX Security Symposium (2011)"},{"key":"5_CR32","doi-asserted-by":"crossref","unstructured":"Snow, K.Z., Monrose, F., Davi, L., Dmitrienko, A., Liebchen, C., Sadeghi, A.-R.: Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization. In: IEEE Symposium on Security and Privacy (2013)","DOI":"10.1109\/SP.2013.45"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-11379-1_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,14]],"date-time":"2019-08-14T00:03:50Z","timestamp":1565741030000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-11379-1_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319113784","9783319113791"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-11379-1_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]}}}