Microsoft Awards $200,000 To Researcher For His Work On Exploit Mitigation Technology
@smriti-ZtAJsx
•
Oct 21, 2024
Oct 21, 2024
1.4K
Vasilis Pappas, a Columbia University PhD student, was titled the winner of  the Microsoft BlueHat Prize contest for an exploit mitigation technology designed by the Security Researcher called "kBouncer". kBouncer's primary function is to detect and prevent return-oriented programming (ROP), a notorious vulnerability exploitation technique.
BlueHat Prize contest was launched by Microsoft last year at the Black Hat USA 2011 security conference with the purpose to motivate security researchers to develop new anti-exploitation techniques. The Grand Prize of $200,000 was won by Pappas at Las Vegas on Thursday.
#-Link-Snipped-#
ROP is a technique used in exploits that target memory safety vulnerabilities like buffer overflows, which leads to unauthorized execution of arbitrary code. This technique allows for smoother and reliable access  in modern operating systems for the attackers and circumvent security systems like Data Execution Prevention (DEP) or Address Space Layout Randomization (ASLR).
Pappas' technique was one among the 20 shortlisted entries for the BlueHat contest. The other two technologies that made into the final round of the BlueHat contest focused on ROP prevention as well. Ivan Fratric won second place and a $50,000 prize for his prevention technique called "ROPGuard" while third place was secured by Jared DeMott who won an MSDN subscription valued at $10,000 and a prize money of $10,000 for his concept titled "/ROP".
Source: #-Link-Snipped-#Â Image Credit: #-Link-Snipped-#
BlueHat Prize contest was launched by Microsoft last year at the Black Hat USA 2011 security conference with the purpose to motivate security researchers to develop new anti-exploitation techniques. The Grand Prize of $200,000 was won by Pappas at Las Vegas on Thursday.
#-Link-Snipped-#
ROP is a technique used in exploits that target memory safety vulnerabilities like buffer overflows, which leads to unauthorized execution of arbitrary code. This technique allows for smoother and reliable access  in modern operating systems for the attackers and circumvent security systems like Data Execution Prevention (DEP) or Address Space Layout Randomization (ASLR).
Pappas' technique was one among the 20 shortlisted entries for the BlueHat contest. The other two technologies that made into the final round of the BlueHat contest focused on ROP prevention as well. Ivan Fratric won second place and a $50,000 prize for his prevention technique called "ROPGuard" while third place was secured by Jared DeMott who won an MSDN subscription valued at $10,000 and a prize money of $10,000 for his concept titled "/ROP".
Source: #-Link-Snipped-#Â Image Credit: #-Link-Snipped-#