Research of ROP attack and defense technology based on ARM architecture

摘要

In recent years, with the development of mobile technology, almost all the smart phones and panel personal computers using the ARM architecture, and security issues on this platform arealso getting more and more attention from researchers. Attack of malicious tampering program flow control is one of the major attacks for the platform. Attackers use thevulnerability of stack overflow to write long data in internal storage which make it beyond its buffer capacity, cover the return address, and thus transfer to the attacker's malicious control flow. To defend this type of attack, the operating system was added with W + X protection mechanisms, viz.dataExecution Prevention (DEP). The hardware was realized by IntelXD(Execute Disable bit) technology, ND(No-Execute Page-Protection) of AMD technology and XN(eXecute Never) ARMtechnology. Return-oriented programming (ROP) isbased on this proposed defense technology.