 As technology becomes increasingly pervasive in our lives, users and systems become more and more vulnerable to attacks. What's secure? What represents a real threat? And when is it okay to click on a link? Today, various solutions exist against external and internal threats, such as antivirus programs, firewalls, intrusion prevention systems, penetration testing, and even user education. All are designed to detect when a problem exists, or prevent further damage once a breach has been detected. But these solutions aren't always enough. Take for example zero-day threats. These attacks exploit undetected vulnerabilities in applications and may have been exploited by hackers for weeks, months, or even years. The goal of our moving target defense technology is to take action before and during the hijacking attempt to prevent it from succeeding in the first place. How does it work? Imagine a computer program as a sequence of steps that are followed, similar to a recipe for making a cake. An attacker who studied our recipe book and kitchen cabinets can take this cake recipe and make bread with it instead. All he has to do is play around with the order of the steps, skip some, and modify others. In software security, this type of attack is known as return-oriented programming, or ROP. It's one of the most common attacks used in almost every exploit attack chain. But to carry out a ROP attack, attackers must know in advance where the pieces they need are. So they download a common app, study its binary code, and search for the pieces that build the attack, hoping the copy of the software under attack is the same as theirs. And usually this works. Our moving target defense solution stays several steps ahead of the attacker. The anti-ROP defense constantly, preemptively, moves around the cake ingredients, or the vulnerable aspects of an application. In this way, attackers can't find the different pieces of code they need and use them to hijack the device. Let's go back to the cake recipe example. If we change the place of add flour and add sugar, but keep their order of execution, that makes no difference to us. But this represents a big problem for the attacker. He can't find the flour and the eggs aren't where he expects them to be. Despite the attack, the regular recipe is followed, producing the desired outcome of cake, and preventing the attacker's attempt to make bread. In short, the anti-ROP moving defense removes the fear of clicking a link, image, or PDF file, blocks zero-day threats, detects attacks by adding traps, and has no runtime components and minimal performance impact. Our solution can be installed to run on any application, improving security, fortifying defenses against breaches, and lowering a company's vulnerability to risk. Any enterprise can install it to protect their data and their users. The anti-ROP moving defense is easy to install and backwards compatible. For more information, contact us at IBM Research Hyphen.