Tuesday, March 2, 01:20
Home inet Intel Eliminates ROP Attacks !!!

Intel Eliminates ROP Attacks !!!

The giant of technology Intel he thought of a plan to defeat the attacks using ROP (return-oriented programming) to exploit the memory loopholes. The flat-chip design will prevent malware from infecting computers at the processor level.
The new measures are reviewed by Intel, where it describes CET (Control-Flow Enforcement Technology) and its attempt to overcome ROP and JOP (jump-oriented programming).

The goal of CET is to cover an opening in defense capabilities against these two opposing types that offer protection for applications and manage complementary cores.

Attackers can use ROP and JOP to execute malicious code and bypass operating system security measures such as non-executable memories and code signature.

Baidu Patel, Director of Security Architecture for Intel Platform and Software and Services Strategy Group, said:

"ROP or JOP attacks are particularly difficult to detect or prevent, because an attacker uses pre-existing code running from executable memory in a creative way to change the behavior of the program. "


"What makes it difficult to detect or prevent ROP / JOP is that an attacker uses existing code that runs from the executable memory. Many software-based detection and prevention techniques have been developed and continue to grow with limited success. "

CET works by inserting a shadow stack - which contains only return addresses, is held in the system RAM, and is protected by the CPU memory management module. These shadow stacks are isolated from the data stack and protected from tampering.

CET focuses on Call and Return instructions and compares a return address stored in shadow stack data. If the addresses are not merged until, an exception is highlighted.

According to Patel, a CET spec is the perfecting of the techniques that Intel and Microsoft have jointly developed over 7 year-round and during predicting an extensive counterclaim against ROP / JOP attacks.


Please enter your comment!
Please enter your name here