Close

Presentation

RiscyROP: Automated Return-Oriented Programming Attacks on RISC-V and ARM64
TimeWednesday, July 13th6pm - 7pm PDT
LocationLevel 2 Lobby
Event Type
Networking Reception
Work-in-Progress Poster
DescriptionRISC architectures like RISC-V and ARM64 pose challenges for
return-oriented programming (ROP) that significantly reduce the
gadget space available to the attacker. Consequently, existing ROP
gadget tools cannot be applied to these architectures. Previous
work on RISC-V provides manual ROP attacks against self-written
programs and no analysis has been conducted for ARM64 yet.

We present RiscyROP, the first automated ROP gadget tool
for RISC-V and ARM64. RiscyROP constructs gadgets based on
symbolic execution and automatically generates complex chains for
arbitrary function calls. Our approach enables the first investigation
of the gadget space on RISC-V and ARM64 real-world binaries.