Logical Analysis of One Formalization of Exploitation

Abstract

This report is a logical analysis of a formalization of an exploit called code reuse. There are instances of this exploit being used for attackson existing systems. The basic scenario is to look at an application as consisting of blocks of code that can be strung together differently than theusual flow of control in the application. This is usually effected via altering the return addresses on the program stack. Looked upon in this way,an application consists of a collection of high level instructions, one per code block. The attacker can then string together these code blocks tosuit his/her own purposes. The formalization, while not without its faults, represents an insightful method for understanding code reuse exploits.The analysis is performed using Distributed Logic.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 30, 2021
Accession Number
AD1147428

Entities

People

  • Gerald Allwein

Organizations

  • United States Naval Research Laboratory

Tags

DTIC Thesaurus Topics

  • Application Software
  • Computations
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Department Of Defense
  • Information Operations
  • Instructions
  • Language
  • Machines
  • Mathematical Models
  • Models
  • Permutations
  • Simulations
  • Standards
  • Transitions

Fields of Study

  • Computer science
  • Engineering

Readers

  • Computer Programming and Software Development.
  • Distributed Systems and Data Platform Development
  • Theoretical Analysis.