Electronic security has evolved into a more prominent concern as people are increasingly conducting personal and/or confidential transactions electronically. In addition, hackers and/or others with malicious intent are becoming increasingly more creative in circumventing existing security measures in devices. To combat evolving and pervasive incursions by malware and/or viruses, equipment and/or software manufacturers are continuing to make protection measures more intrinsic to the hardware of new devices. For example, in response to situations wherein foreign code is injected into programs to steal information from, or even take over control of, a device, new protection schemes including code signing and non-executable memory segments were implemented. These security provisions allow programs to be authenticated and even for certain vulnerable code to be marked as non-executable at the hardware level. For example, attempts to inject foreign code or to execute protected code would cause hardware control resources in a processor such as a hypervisor to intervene to protect the integrity of the system.
However, enterprising programmers figured out a way to circumvent these protections. For example, in return-oriented programming (ROP) an attacker may hijack the control flow of a device to access certain program functions (e.g., gadgets). A gadget may, in general, comprise a set of program instructions. For example, gadgets may include portions of programs that may support rudimentary functionality essential to program operation (e.g., reading data, writing date, mathematical operations, etc.). When executed in the manner, sequence, etc. intended by programmers of beneficial software, gadgets have no ill effect on a device operation. However, upon wresting control of the control flow in a device, it is possible for gadgets to be manipulated (e.g., to be invoked in different sequences, with different arguments, etc.) to result in operations totally different from what was originally intended, and that may be able to overcome existing protection schemes. Moreover, currently proposed security measures to protect against ROP are either very difficult to implement or may be possible to overcome through a brute force attack.
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications and variations thereof will be apparent to those skilled in the art.