acm-header
Sign In

Communications of the ACM

ACM TechNews

Finalists in Microsoft's $250k Contest Take on 'most-Pressing' Exploit Tactic


Dollar symbol

Credit: http://thingsllove.blogspot.com/

Microsoft announced that each of the three finalists in its $250,000 BlueHat Prize security contest came up with different solutions for blocking return-oriented programming (ROP), a technique often used to get around data execution prevention (DEP), which is one of Windows' primary anti-exploit technologies.

The BlueHat Prize competition features a $200,000 award for first place, $50,000 for second place, and a subscription to Microsoft's developer network, valued at $10,000, for third place. All three finalists worked alone and completed their work about two weeks before the deadline.

"I focused on ROP because it is the current state-of-the-art in exploit development and a burning issue in exploit prevention," says University of Zagreb researcher and finalist Ivan Fratric. His ROPGuard program checks each critical function call to determine if it is legitimate. 

"I targeted ROP because it is currently the most-used technique to exploit fully-compiled software," says Harris Corp. researcher and finalist Jared DeMott. His /ROP program checks the target address of each return instruction and then compares it to a whitelist.

The third finalist, Columbia University Ph.D. student Vasilis Pappas, developed kBouncer, which involves checking the control path leading to a system call.

From Computerworld
View Full Article

Abstracts Copyright © 2012 Information Inc. External Link, Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account