Microsoft announced that each of the three finalists in its $250,000 BlueHat Prize security contest came up with different solutions for blocking return-oriented programming (ROP), a technique often used to get around data execution prevention (DEP), which is one of Windows' primary anti-exploit technologies.
The BlueHat Prize competition features a $200,000 award for first place, $50,000 for second place, and a subscription to Microsoft's developer network, valued at $10,000, for third place. All three finalists worked alone and completed their work about two weeks before the deadline.
"I focused on ROP because it is the current state-of-the-art in exploit development and a burning issue in exploit prevention," says University of Zagreb researcher and finalist Ivan Fratric. His ROPGuard program checks each critical function call to determine if it is legitimate.
"I targeted ROP because it is currently the most-used technique to exploit fully-compiled software," says Harris Corp. researcher and finalist Jared DeMott. His /ROP program checks the target address of each return instruction and then compares it to a whitelist.
The third finalist, Columbia University Ph.D. student Vasilis Pappas, developed kBouncer, which involves checking the control path leading to a system call.
Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA