Earlier this year, I participated in Microsoft's BlueHat Prize contest - a contest to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. A few days ago, Microsoft revealed the names of the three finalists, and I'm very happy to be one of them, together with Jared DeMott and Vasilis Pappas. Microsoft is taking the finalists to BlackHat USA 2012 conference in Las Vegas, where the winners will be announced on July 26.
My entry is called ROPGuard - it is a system for runtime prevention of Return-Oriented Programming (ROP) attacks. ROPGuard can detect currently used ROP exploits, it can be applied at runtime to any process and has a very low processing and memory overhead. This is going to be a very short post, but I'll most likely publish more info about my entry later, so if you're interested in more details, check back later on. You can also find a short interview with me and the other two finalists here.