This blog presents an idea to defend against both ROP (Return-oriented Programming) and JOP (Jump-oriented Programming) attacks ...
It is a low-overhead, real-time, and non-invasive solution that needs no change to the binary or source of the exploit target.
References:
ROP
http://en.wikipedia.org/wiki/Return-oriented_programming
Return-oriented programming without returns, JOP
http://dl.acm.org/citation.cfm?id=1866370
Mitigating ROP via Last Branch Recording (kBouncer)
http://blogs.technet.com/b/srd/archive/2012/07/23/technical-analysis-of-the-top-bluehat-prize-submissions.aspx
Hardware-assisted-cfi
https://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/hardware-assisted-cfi.pdf
ROPecker
http://www.mysmu.edu/phdis2008/yqcheng.2008/ROPecker-NDSS14.pdf
<For some reason, I cannot publish it at this moment>