Return-Oriented Vulnerabilities in ARM Executables

Supplement: IEEE 2012 Conference on Technology for Homeland Security: Best Papers

ABSTRACT: Awarded Best Paper, Cyber Security

Return-oriented programming is a method of computer exploit technique which is growing in popularity among attackers because it enables the remote execution of arbitrary code without the need for code injection. Return-to-LibC (Ret2LibC) is the most common return-oriented attack in use today, allowing an attacker to leverage control of the stack to execute common library functions which are already present on the target system, such as LibC. ARMbased processors, commonly used in embedded systems, are not directly vulnerable to Ret2LibC attacks because function arguments in the ARM are passed through registers rather than the stack. In 2011 Itzhak Avraham presented a new Return-to- Zero-Protection (Ret2ZP) attack against ARM processors which enables the same control as a Ret2LibC attack. Our research contribution is to provide a formal definition of the Ret2ZP attack and to define an algorithm to detect vulnerabilities to Ret2ZP in ARM executables. Our algorithm for detecting vulnerabilities can be used to screen executables for vulnerabilities before they are deployed.  Download the full article.

download the full issue pdf
Download the full issue pdf

Suggested Citation

Huang, Zi-Shun, and Ian G. Harris. “Return-Oriented Vulnerabilities in ARM Executables.” Homeland Security Affairs, IEEE 2012 Conference on Technology for Homeland Security: Best Papers (November 2012).

This article was originally published at the URL

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top