Memory Corruption Attacks and Defenses in the Context of Real-World Crypto - Tutorial

Davi, Lucas; Sadeghi, Ahmad-Reza
Name of Event:
Summer School on real-world crypto and privacy
Sibenik, Croatia


Software attacks exploit vulnerabilities in programs to trigger malicious operations and steal sensitive data. In this context, memory corruption attacks play a vital role as they allow an attacker to perform arbitrary reads and writes to main memory. While traditional attacks required the attacker to directly inject malicious code into the memory space of an application, modern attacks either only induce malicious execution by means of a combination of existing code (return-oriented programming) or only manipulate variables without violating the program’s control flow (data-oriented exploits). For the case of real-world crypto schemes, these attacks are capable of stealing and altering cryptographic material.

In this tutorial, we provide an overview of the state-of-the-art memory exploitation techniques and defenses. We start with the main principles of memory exploitation covering stack smashing, return-oriented programming, and data-oriented programming. Next, we present modern defense techniques such as control-flow integrity and memory randomization.

In the second part of this tutorial, we continue with a hands-on lab where attendees will have the opportunity to construct proof-of-concept memory exploits that undermine cryptographic schemes deployed by the target application.

More information on the summer school here