Synthesis of code-reuse attacks from p-code programs
We present a new method for automatically synthesizing code-reuse attacks—for example, using Return Oriented Programming—based on mechanized formal logic. Our method reasons about machine code via abstraction to the p-code intermediate language of Ghidra, a well-established software reverse-engineering framework. This allows it to be applied to binaries of essentially any architecture, and provides certain technical advantages. We define a formal model of a fragment of p-code in propositional logic, enabling analysis by automated reasoning algorithms. We then synthesize code-reuse attacks by identifying selections of gadgets that can emulate a given p-code reference program. This enables our method to scale well, in both reference program and gadget library size, and facilitates integration with external tools. Our method matches or exceeds the success rate of state-of-the-art ROP chain synthesis methods while providing improved runtime performance.

| Main Authors: | Melham, TF; DenHoed, M |
|---|---|
| Format: | Conference item |
| Language: | English |
| Published: | Association for Computing Machinery, 2025 |
| _version_ | 1824459010142633984 |
|---|---|
| author | Melham, TF; DenHoed, M |
| author_facet | Melham, TF; DenHoed, M |
| author_sort | Melham, TF |
| collection | OXFORD |
| description | We present a new method for automatically synthesizing code-reuse attacks—for example, using Return Oriented Programming—based on mechanized formal logic. Our method reasons about machine code via abstraction to the p-code intermediate language of Ghidra, a well-established software reverse-engineering framework. This allows it to be applied to binaries of essentially any architecture, and provides certain technical advantages. We define a formal model of a fragment of p-code in propositional logic, enabling analysis by automated reasoning algorithms. We then synthesize code-reuse attacks by identifying selections of gadgets that can emulate a given p-code reference program. This enables our method to scale well, in both reference program and gadget library size, and facilitates integration with external tools. Our method matches or exceeds the success rate of state-of-the-art ROP chain synthesis methods while providing improved runtime performance. |
| first_indexed | 2025-02-19T04:34:59Z |
| format | Conference item |
| id | oxford-uuid:906d32ca-407c-4cab-beab-b90200f81d65 |
| institution | University of Oxford |
| language | English |
| last_indexed | 2025-02-19T04:34:59Z |
| publishDate | 2025 |
| publisher | Association for Computing Machinery |
| record_format | dspace |
| title | Synthesis of code-reuse attacks from p-code programs |