Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive target applications to perform arbitrary unintended operations by constructing a gadget chain reusing existing small code sequences (gadgets). Existing defense mechanisms either only handle specific types of gadgets, require access to source code and/or a customized compiler, break the integrity of the binary code, or suffer from high performance overhead. In this paper, we present a novel system, ROPecker, to efficiently and effectively defend against ROP attacks without relying on any other side information (e.g., source code and compiler support) or binary rewriting. ROPecker detects an ROP attack at run-time by checking the presence of a sufficiently long chain of gadgets in past and future execution flow, with the assistance of the taken branches recorded in the Last Branch Record (LBR) registers and an efficient technique combining offline analysis with run-time emulation. We also design a sliding window mechanism to invoke the detection logic at the proper times, which achieves both high detection accuracy and efficiency. We build an ROPecker prototype on x86-based Linux computers and evaluate its security effectiveness and performance overhead. In our experiment, ROPecker can detect all ROP attacks, both those from real-world examples and those generated by the general-purpose ROP compiler Q. It only incurs acceptable performance overhead on CPU computation, disk I/O and network I/O.

| | ROP Types | No Source Code | No Binary Rewriting | Run-time Efficiency |
|---|---|---|---|---|
| DROP [9] | Ret-based | √ | X | X |
| ROPDefender [13] | Ret-based | √ | X | X |
| ROPGuard [15] | Ret-based | √ | X | √ |
| Return-less Kernel [18] | Ret-based | X | √ | √ |

In a traditional ciphertext-policy attribute-based encryption (CP-ABE) scheme, an access structure, also referred to as a ciphertext-policy, is sent along with a ciphertext explicitly, and anyone who obtains a ciphertext can know the access structure associated with the ciphertext. In certain applications, access structures contain sensitive information and must be protected from everyone except the users whose private key attributes satisfy the access structures. In this paper, we first propose a new model for CP-ABE with partially hidden access structures. In our model, each attribute consists of two parts: an attribute name and its value; if the private key attributes of a user do not satisfy the access structure associated with a ciphertext, the specific attribute values of the access structure are hidden, while other information about the access structure is public. Based on the CP-ABE scheme recently proposed by Lewko et al. [14], we then present an efficient construction of CP-ABE with partially hidden access structures. Compared to previous works in this field, our construction is more flexible and expressive and is proven fully secure in the standard model.