Search the Dagstuhl Website
Looking for information on the websites of the individual seminars? - Then please:
Not found what you are looking for? - Some of our services have separate websites, each with its own search option. Please check the following list:
Schloss Dagstuhl - LZI - Logo
Schloss Dagstuhl Services
Within this website:
External resources:
  • DOOR (for registering your stay at Dagstuhl)
  • DOSA (for proposing future Dagstuhl Seminars or Dagstuhl Perspectives Workshops)
Within this website:
External resources:
Within this website:
External resources:
  • the dblp Computer Science Bibliography

Research Meeting 15294

The Continuing Arms Race: Code-Reuse Attacks and Defenses

( Jul 12 – Jul 15, 2015 )

(Click in the middle of the image to enlarge)

Please use the following short url to reference this page:



Dagstuhl Seminar Wiki

Shared Documents


The Continuing Arms Race: Code-Reuse Attacks and Defenses

Code reuse attacks pose a severe threat to modern software, silently breaching and infecting various systems ranging from desktop PCs to mobile and embedded systems. They can bypass many deployed defenses including data execution prevention and memory randomization (ASLR). The design and development of practical and effective defenses against code reuse attacks is extremely challenging and has recently become a hot research topic. Code-reuse with its most prominent instantiation return-oriented programming (ROP) may seem like a solved problem given the high scores of papers on possible defenses recently published on established security conferences. Unfortunately, many proposed defenses make assumptions that a sufficiently determined and resourced attacker can skirt, or require system changes that are highly challenging to transfer into practice; and frequently both.

This seminar will bring together researchers and practitioners to analyze the state-of-the-art in code reuse attacks and mitigations, to devise improved approaches, and to establish a roadmap for future research and practice.

Keywords Code-reuse attacks, code-reuse mitigations, return-oriented programming, control-flow integrity, software diversity, compilation, binary rewriting, JIT-compilation, operating systems, browsers