1. 2

  2. 1

    This sounds nonsense at first and abstract is not exactly helpful, so here’s a summary. The key is Intel Processor Trace(IPT). Using IPT, ROP chain exploit execution is detected online and terminated. Deep learning model is trained on normal execution derived from disassembled binary as good, and abnormal execution generated by connecting potential ROP gadgets randomly.