Survey of Code Reuse Attacks and Comparison of Mitigation Techniques

Abstract

Code-Reuse Attacks (CRAs) are solid mechanisms to bypass advanced software and hardware defenses. Due to vulnerabilities found in software which allows attackers to corrupt the memory space of the vulnerable software to modify maliciously the contents of the memory; hence controlling the software to be able to run arbitrary code. The CRAs defenses either prevents the attacker from reading program code, controlling program memory space directly or indirectly through the usage of pointers. This paper provides a thorough evaluation of the current mitigation techniques against CRAs with regards to impact on performance, coverage, and efficiency of those techniques.