Modern Runtime Exploitation Techniques and Defenses - Lecture

Autor(en):

Lucas Davi, Ahmad-Reza Sadeghi

Name der Veranstaltung:

Summer School on Secure and Trustworthy Computing

Ort:

Bucharest, Romania

Datum:

24.09.2015

Handout:

Download (4.33 MB)

Abstract

Memory corruption attacks exploit program bugs in modern software programs to compromise computing platforms. Although these attacks are known for several decades, they still pose a severe threat today’s software programs. These attacks can be applied to a variety of architectures starting from Desktop PCs and mobile devices to tiny embedded devices employed in sensors. In particular, code-reuse attacks such as return-oriented programming have significantly raised the sophistication of memory corruption attacks since they induce malicious actions based on only existing benign code. Fortunately, the security community including industrial efforts by Google and Microsoft have recently introduced a variety of defenses. On the other hand, attackers quickly adapted and proposed new attack techniques leading to a continuing arms race. In this lecture, we will provide an overview on state-of-the-art exploitation techniques and defenses against these attacks. In addition, the students will learn the practical concepts of runtime exploitation based on a hands-on lab