Team

Prof. Dr.-Ing. Lucas Vincenzo Davi

Lehrstuhlinhaber

Prof. Dr.-Ing. Lucas Vincenzo Davi

Raum:
S-GW 212
Telefon:
+49 201 18-36445
E-Mail:
Sprechstunde:
Do, 16-17 Uhr (Anmeldung erforderlich)
Autorenprofil:
Google Scholar

Zur Person:

Lucas Davi ist Professor für Informatik an der Universität Duisburg-Essen und Direktor des paluno - the Ruhr Institute for Software Technology. Er ist PI im Sonderforschungsbereich (SFB) CROSSING und dem Exzellenzcluster CASA . Er hat aktuell einen ERC Starting Grant für Smart Contract Sicherheit.

Lebenslauf:

seit 02/2024
Direktor des paluno - the Ruhr Institute for Software Technology
seit 12/2022
W3-Professor für Informatik an der Universität Duisburg-Essen
12/2016-11/2022
Juniorprofessor für Informatik an der Universität Duisburg-Essen
10/2015-11/2016
Independent Claude Shannon Research Group Leader für Sichere und Vertrauenswürdige Systeme an der TU Darmstadt
07/2015-09/2015
Post-Doc am System Security Lab der TU Darmstadt
06/2013-08/2013
Summer Internship bei Intel Labs, Portland, OR, USA
01/2011-06/2015
Wissenschaftlicher Mitarbeiter und Doktorand am Center for Advanced Security Research Darmstadt (CASED) - Titel der Dissertation: "Code-Reuse Attacks and Defenses" [PDF]
01/2010-12/2010
Wissenschaftlicher Mitarbeiter und Doktorand am Horst-Görtz Institut für IT-Sicherheit (HGI)
04/2007-12/2009
Master of Science in IT-Sicherheit an der Ruhr-Universität Bochum
09/2003-01/2007
Diplom (FH) Wirschaftsinformatik an der FOM Neuss & Ausbildung zum Informatikkaufmann bei der ThyssenKrupp Steel AG, Duisburg
2003
Abitur am Michael-Ende Gymnasium Tönisvorst

Forschungsrankings:

Forschungsgebiete:

Seine Forschung konzentriert sich auf praktische Problemstellungen der Software- und Systemsicherheit. Insbesondere forscht er an sogenannten Laufzeitangriffen (Software Exploits), die Sicherheitslücken in Software ausnutzen, um Schadverhalten auszulösen.

Publikationen:

Filter:
  • Smolka, Sven; Giesen, Jens-Rene; Winkler, Pascal; Draissi, Oussama; Davi, Lucas; Karame, Ghassan; Pohl, Klaus: Fuzz on the Beach: Fuzzing Solana Smart Contracts. In: Proc. of the 30th ACM SIGSAC Conference on Computer & Communications Security (CCS). ACM, Copenhagen, Denmark 2023. BIB DownloadDetails

    Solana has quickly emerged as a popular platform for building decentralized applications (DApps), such as marketplaces for non- fungible tokens (NFTs). A key reason for its success are Solana’s low transaction fees and high performance, which is achieved in part due to its stateless programming model. Although the litera- ture features extensive tooling support for smart contract security, current solutions are largely tailored for the Ethereum Virtual Ma- chine. Unfortunately, the very stateless nature of Solana’s execution environment introduces novel attack patterns specific to Solana requiring a rethinking for building vulnerability analysis methods. In this paper, we address this gap and propose FuzzDelSol, the first binary-only coverage-guided fuzzing architecture for Solana smart contracts. FuzzDelSol faithfully models runtime specifics such as smart contract interactions. Moreover, since source code is not available for the large majority of Solana contracts, FuzzDelSol operates on the contract’s binary code. Hence, due to the lack of semantic information, we carefully extracted low-level program and state information to develop a diverse set of bug oracles covering all major bug classes in Solana. Our extensive evaluation on 6049 smart contracts shows that FuzzDelSol’s bug oracles finds impactful vulnerabilities with a high precision and recall. To the best of our knowledge, this is the largest evaluation of the security landscape on the Solana mainnet.

  • Thoma, Jan Philipp; Niesler, Christian; Funke, Dominic; Leander, Gregor; Mayr, Pierre; Pohl, Nils; Davi, Lucas; Güneysu, Tim: ClepsydraCache - Preventing Cache Attacks with Time-Based Evictions. In: Proc. of 32nd USENIX Security Symposium. Anaheim, CA 2023. BIB DownloadDetails
  • Rodler, Michael; Paaßen, David; Li, Wenting; Bernhard, Lukas; Holz, Thorsten; Karame, Ghassan; Davi, Lucas: EF/CF: High Performance Smart Contract Fuzzing for Exploit Generation. In: Proc. of 8th IEEE European Symposium on Security and Privacy (EuroSP). 2023. BIB DownloadDetails
  • Surminski, Sebastian; Niesler, Christian; Davi, Lucas; Sadeghi, Ahmad-Reza: DMA'n'Play: Practical Remote Attestation Based on Direct Memory Access. In: Proc. of 21st International Conference on Applied Cryptography and Network Security (ACNS). Kyoto, Japan 2023. BIB DownloadDetails

    Remote attestation allows validating the trustworthiness of a remote device. Existing attestation schemes either require hardware changes, trusted computing components, or rely on strict timing constraints. In this paper, we present a novel remote attestation approach, called DMA’n’Play, that tackles these practical limitations by leveraging DMA (direct memory access). Since DMA does not require CPU time, DMA’n’Play even allows attestation of devices with real-time constraints. To prevent the exploitation of side-channels which potentially could determine if the attestation is running, we developed DMA’n’Play To-Go, a small, mobile attestation device that can be plugged into the attested device. We evaluated DMA’n’Play on two real-world devices, namely a syringe pump and a drone. Our evaluation shows that DMA’n’Play adds negligible performance overhead and prevents dataonly attacks, by validating critical data in memory.

  • Surminski, Sebastian; Niesler, Christian; Linsner, Sebastian; Davi, Lucas; Reuter, Christian: SCAtt-man: Side-Channel-Based Remote Attestation for Embedded Devices that Users Understand. In: Proc. of the 13th ACM Conference on Data and Application Security and Privacy (CODASPY). ACM, Charlotte, NC, United States 2023. BIB DownloadDetails

    From the perspective of end-users, IoT devices behave like a black box: As long as they work as intended, the user will not detect any compromise. The user has minimal control over the software. Hence, it is very likely that the user misses that illegal recordings and transmissions occur if a security camera or a smart speaker is hacked. In this paper, we present SCAtt-man, the first remote attestation scheme that is specifically designed with the user in mind. SCAtt-man deploys software-based attestation to check the integrity of remote devices, allowing users to verify the integrity of IoT devices with their smartphone. The key novelty of SCAtt-man resides in the utilization of user-observable side-channels such as light or sound in the attestation protocol.
    Our proof-of-concept implementation targets a smart speaker and an attestation protocol that is based on a data-over-sound protocol. Our evaluation demonstrates the effectiveness of SCAtt-man against a variety of attacks and its usability based on a comprehensive user study with 20 participants.

  • Cloosters, Tobias; Paaßen, David; Wang, Jianqiang; Draissi, Oussama; Jauernig, Patrick; Stapf, Emmanuel; Davi, Lucas; Sadeghi, Ahmad-Reza: RiscyROP: Automated Return-Oriented Programming Attacks on RISC-V and ARM64. In: Proc. of 25th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2022). Limassol, Cyprus 2022. doi:10.1145/3545948.3545997PDFBIB DownloadDetails
  • Giesen, Jens-Rene; Andreina, Sebastien; Rodler, Michael; Karame, Ghassan O.; Davi, Lucas: Tutorial: Analyzing, Exploiting, and Patching Smart Contracts in Ethereum. In: Proc. of 7th IEEE Secure Development Conference (SecDev). 2022. PDFBIB DownloadDetails

    Smart contracts are programs which encode business logic and execute on the blockchain. While Ethereum is the most popular blockchain platform for smart contracts, an increasing number of new blockchain platforms are also able to support smart contract execution (e.g., Solana or Cardano). Security vulnerabilities in Ethereum smart contracts have demonstrated that writing secure smart contracts is highly challenging. This is exacerbated by the fact that the exploitation of buggy smart contracts seems disproportionately easier compared to exploiting classic PC software.

    In this tutorial, we overview a number of smart contract vulnerabilities focusing on the Ethereum ecosystem. We also provide an introduction to the de-facto smart contract programming language Solidity and provide a comprehensive hands-on lab tutorial that involves analyzing vulnerable smart contracts, developing proof-of-concept exploits as well as introducing security analysis tools for testing smart contracts.

  • Cloosters, Tobias; Surminski, Sebastian; Sangel, Gerrit; Davi, Lucas: SALSA: SGX Attestation for Live Streaming Applications. In: Proc. of 7th IEEE Secure Development Conference (SecDev). IEEE, 2022. doi:10.1109/SecDev53368.2022.00019VolltextBIB DownloadDetails

    Intel SGX is a security feature of processors that allows running software in enclaves, isolated from the operating system. Even an attacker with full control of the computer system cannot inspect these enclaves. This makes SGX enclaves an
    adequate solution to store and process highly sensitive data like encryption keys. However, these enclaves are still vulnerable to standard software attacks. While SGX allows static attestation, i.e., validating the integrity of the program code and data in the enclave, static attestation cannot detect run-time attacks.
    We present SALSA , the first solution to allow run-time attestation of SGX enclaves. To show its applicability, we use SALSA to implement a video streaming service that uses an SGX enclave to decode the video stream. When a compromise of the SGX enclave is detected, the streaming of the video instantaneously stops. This shows a practical use-case for runtime attestation of SGX enclaves. In the evaluation, we show that the performance of this setup is sufficient to attest a live video streaming service.

  • Cloosters, Tobias; Willbold, Johannes; Holz, Thorsten; Davi, Lucas: SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing. In: Proc. of 31st USENIX Security Symposium. 2022. PDFBIB DownloadDetails
  • Bernhard, Lukas; Rodler, Michael; Holz, Thorsten; Davi, Lucas: xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64. In: Proc. of 7th IEEE European Symposium on Security and Privacy. 2022. VolltextBIB DownloadDetails

    Memory safety in complex applications implemented in unsafe programming languages such as C/C++ is still an unresolved problem in practice. Such applications were often developed in an ad-hoc, security-ignorant fashion, and thus they contain many types of security issues. Many different types of defenses have been proposed in the past to mitigate these problems, some of which are even widely used in practice. However, advanced attacks are still able to circumvent these defenses, and the arms race is not (yet) over. On the defensive side, the most promising next step is a tighter integration of the hardware and software level: modern mitigation techniques are either accelerated using hardware extensions or implemented in the hardware by extensions of the instruction set architecture (ISA). In particular, memory tagging, as proposed by ARM or SPARC, promises to solve many issues for practical memory safety. Unfortunately, Intel x86-64, which represents the most important ISA for both the desktop and server domain, lacks support for hardware-accelerated memory tagging, so memory tagging is not considered practical for this platform. In this paper, we present the design and implementation of an efficient, software-only pointer tagging scheme for Intel x86-64 based on a novel metadata embedding scheme. The basic idea is to alias multiple virtual pages to one physical page so that we can efficiently embed tag bits into a pointer. Furthermore, we introduce several optimizations that significantly reduce the performance impact of this approach to memory tagging. Based on this scheme, we propose a novel use-after-free mitigation scheme, called xTag, that offers better performance and strong security properties compared to state-of-the-art methods. We also show how double-free vulnerabilities can be mitigated. Our approach is highly compatible, allowing pointers to be passed back and forth between instrumented and non-instrumented code without losing metadata, and it is even compatible with inline assembly. We conclude that building exploit mitigation mechanisms on top of our memory tagging scheme is feasible on Intel x86-64, as demonstrated by the effective prevention of use-after-free bugs in the Firefox web browser.

  • Surminski, Sebastian; Niesler, Christian; Brasser, Ferdinand; Davi, Lucas; Sadeghi, Ahmad-Reza: RealSWATT: Remote Software-based Attestation for Embedded Devices under Realtime Constraints. In: Proc. of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, New York, USA 2021. doi:10.1145/3460120.3484788BIB DownloadDetails
  • Paaßen, David; Surminski, Sebastian; Rodler, Michael; Davi, Lucas: My Fuzzer Beats Them All! Developing a Framework for Fair Evaluation and Comparison of Fuzzers. In: Proc. of 26th European Symposium on Research in Computer Security. Springer International Publishing, Darmstadt 2021. BIB DownloadDetails
  • Rodler, Michael; Li, Wenting; Karame, Ghassan O.; Davi, Lucas: EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts. In: Proc. of 30th USENIX Security Symposium. USENIX Association, Vancouver, B.C., Canada 2021. VolltextBIB DownloadDetails

    Recent attacks exploiting errors in smart contract code had devastating consequences thereby questioning the benefits of this technology. It is currently highly challenging to fix errors and deploy a patched contract in time. Instant patching is especially important since smart contracts are always online due to the distributed nature of blockchain systems. They also manage considerable amounts of assets, which are at risk and often beyond recovery after an attack. Existing solutions to upgrade smart contracts depend on manual and error-prone processes. This paper presents a framework, called EVMPatch, to instantly and automatically patch faulty smart contracts. EVMPatch features a bytecode rewriting engine for the popular Ethereum blockchain, and transparently/automatically rewrites common off-the-shelf contracts to upgradable contracts. The proof-of-concept implementation of EVMPatch automatically hardens smart contracts that are vulnerable to integer over/underflows and access control errors, but can be easily extended to cover more bug classes. Our evaluation on 14,000 real-world contracts demonstrates that our approach successfully blocks attack transactions launched on contracts, while keeping the intended functionality of the contract intact. We perform a study with experienced software developers, showing that EVMPatch is practical, and reduces the time for converting a given Solidity smart contract to an upgradable contract by 97.6 %, while ensuring functional equivalence to the original contract.

  • Niesler, Christian; Surminski, Sebastian; Davi, Lucas: HERA: Hotpatching of Embedded Real-time Applications. In: Proc. of 28th Network and Distributed System Security Symposium (NDSS). 2021. doi:10.14722/ndss.2021.24159VolltextBIB DownloadDetails

    Memory corruption attacks are a pre-dominant attack vector against IoT devices. Simply updating vulnerable IoT software is not always possible due to unacceptable downtime and a required reboot. These side-effects must be avoided for highly-available embedded systems such as medical devices and, generally speaking, for any embedded system with real-time constraints.
    To avoid downtime and reboot of a system, previous research has introduced the concept of hotpatching. However, the existing approaches cannot be applied to resource-constrained IoT devices. Furthermore, possible hardware-related issues have not been addressed, i.e., the inability to directly modify the firmware image due to read-only memory.

    In this paper, we present the design and implementation of HERA (Hotpatching of Embedded Real-time Applications) which utilizes hardware-based built-in features of commodity Cortex-M microcontrollers to perform hotpatching of embedded systems. HERA preserves hard real-time constraints while keeping the additional resource usage to a minimum. In a case study, we apply HERA to two vulnerable medical devices. Furthermore, we leverage HERA to patch an existing vulnerability in the FreeRTOS operating system. These applications demonstrate the high practicality and efficiency of our approach.

  • Polian, Ilia; Altmann, Frank; Arul, Tolga; Boit, Christian; Brederlow, Ralf; Davi, Lucas; Drechsler, Rolf; Du, Nan; Eisenbarth, Thomas; Güneysu, Tim; Hermann, Sascha; Hiller, Matthias; Leupers, Rainer; Merchant, Farhad; Mussenbrock, Thomas; Katzenbeisser, Stefan; Kumar, Akash; Kunz, Wolfgang; Mikolajick, Thomas; Pachauri, Vivek; Seifert, Jean-Pierre; Torres, Frank Sill; Trommer, Jens: Nano Security: From Nano-Electronics to Secure Systems. In: 24th Design, Automation & Test in Europe Conference & Exhibition (DATE). 2021. doi:10.23919/DATE51398.2021.9474187BIB DownloadDetails

    The field of computer hardware stands at the verge of a revolution driven by recent breakthroughs in emerging nanodevices. “Nano Security” is a new Priority Program recently approved by DFG, the German Research Council. This initial-stage project initiative at the crossroads of nano-electronics and hardware-oriented security includes 11 projects with a total of 23 Principal Investigators from 18 German institutions. It considers the interplay between security and nano-electronics, focusing on a dichotomy which emerging nano-devices (and their architectural implications) have on system security. The projects within the Priority Program consider both: potential security threats and vulnerabilities stemming from novel nano-electronics, and innovative approaches to establishing and improving system security based on nano-electronics. This paper provides an overview of the Priority Program's overall philosophy and discusses the scientific objectives of its individual projects.

  • Cloosters, Tobias; Rodler, Michael; Davi, Lucas: TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves. In: Proc. of 29th USENIX Security Symposium. 2020. VolltextBIB DownloadDetails

    Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot withstand memory corruption errors inside the enclave code. In this paper, we show that the attack surface of SGX enclaves provides new challenges for enclave developers as exploitable memory corruption vulnerabilities are easily introduced into enclave code. We develop TeeRex to automatically analyze enclave binary code for vulnerabilities introduced at the host-to-enclave boundary by means of symbolic execution. Our evaluation on public enclave binaries reveal that many of them suffer from memory corruption errors allowing an attacker to corrupt function pointers or perform arbitrary memory writes. As we will show, TeeRex features a specifically tailored framework for SGX enclaves that allows simple proof-of-concept exploit construction to assess the discovered vulnerabilities. Our findings reveal vulnerabilities in multiple enclaves, including enclaves developed by Intel, Baidu, and WolfSSL, as well as biometric fingerprint software deployed on popular laptop brands.

    Full TextSlidesPresentation Video

  • Adepu, Sridhar; Brasser, Ferdinand; Garcia, Luis; Rodler, Michael; Davi, Lucas; Sadeghi, Ahmad-Reza; Zonouz, Saman: Control Behavior Integrity for Distributed Cyber-Physical Systems. In: 11th IEEE/ACM Conference on Cyber-Physical Systems (ICCPS'20). 2020. BIB DownloadDetails
  • Dessouky, Ghada; Zeitouni, Shaza; Ibrahim, Ahmad; Davi, Lucas; Sadeghi, Ahmad-Reza: CHASE: A Configurable Hardware-Assisted Security Extension for Real-Time Systems. In: Proc. of 38th International Conference On Computer Aided Design (ICCAD). 2019. BIB DownloadDetails
  • Davi, Lucas; Hatebur, Denis; Heisel, Maritta; Wirtz, Roman: Combining Safety and Security in Autonomous Cars Using Blockchain Technologies. In: 2nd International Workshop on Safety, securiTy, and pRivacy In automotiVe systEms (STRIVE). 2019. BIB DownloadDetails

    Modern cars increasingly deploy complex software systems consisting of millions of lines of code that may be subject to cyber attacks. An infamous example is the Jeep hack which allowed an attacker to remotely control the car engine by just exploiting a software bug in the infotainment system. The digitalization and connectivity of modern cars demands a rethinking of car safety as security breaches now affect the driver's safety. To address the new threat landscape, we develop a novel concept that simultaneously addresses both car safety and security based on the arising blockchain technology, which we mainly exploit to ensure integrity. Previous related work exploited the blockchain for the purpose of forensics, where vehicle data is stored on an externally shared ledger that is accessible by authorized third parties. However, those approaches cannot ensure integrity of information used by the vehicle's components. In contrast, we propose a blockchain-based architecture based on a shared ledger inside the car, where each ECU can act as a miner and shares its information with other ECUs. The architecture does not only improve the integrity of information for forensics. Some algorithms, e.g. the recognition of dangerous situations, are adaptive and can be improved using for example sensor data. Using our architecture, we ensure that those algorithms only take verified and correct information as input.

  • Surminski, Sebastian; Rodler, Michael; Davi, Lucas: Poster: Automated Evaluation of Fuzzers - Distinguished Technical Poster Award. In: Proc. of 26th Network and Distributed System Security Symposium (NDSS). 2019. VolltextBIB DownloadDetails

    Fuzzing is a well-known technique for automatically testing the robustness of software and its susceptibility to security-critical errors. Recently, many new and improved fuzzers have been presented. One critical aspect of any new fuzzer is its overall performance. However, given that there exist no standardized fuzzing evaluation methodology, we observe significant discrepancy in evaluation results making it highly challenging to  compare fuzzing techniques.

    To tackle this deficiency, we developed a new framework, called FETA, which automatically evaluates fuzzers based on a fixed and comprehensive test set enabling objective and general comparison of performance results. We apply FETA to various recently released academic and non-academic fuzzers, eventually resulting in a large scale evaluation of the current state-of-the-art fuzzing approaches.

  • Rodler, Michael; Li, Wenting; Karame, Ghassan; Davi, Lucas: Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks. In: Proc. of 26th Network and Distributed System Security Symposium (NDSS). 2019. VolltextBIB DownloadDetails

    Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Although the literature features a number of proposals for securing smart contracts, these proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. In this paper, we address this problem in the context of re-entrancy exploits and propose a novel smart contract security technology, dubbed Sereum (Secure Ethereum), which protects existing, deployed contracts against re-entrancy attacks in a backwards compatible way based on run-time monitoring and validation. Sereum does neither require any modification nor any semantic knowledge of existing contracts. By means of implementation and evaluation using the Ethereum blockchain, we show that Sereum covers the actual execution flow of a smart contract to accurately detect and prevent attacks with a false positive rate as small as 0.06% and with negligible run-time overhead. As a by-product, we develop three advanced re-entrancy attacks to demonstrate the limitations of existing offline vulnerability analysis tools.

  • Brasser, Ferdinand; Davi, Lucas; Dhavlle, Abhijitt; Frassetto, Tommaso; Dinakarrao, Sai Manoj Pudukotai; Rafatirad, Setareh; Sadeghi, Ahmad-Reza; Sasan, Avesta; Sayadi, Hossein; Zeitouni, Shaza; Homayoun, Houman: Advances and Throwbacks in Hardware-assisted Security - CASES: Special Session - Towards Secure Computer Architecture: Understanding Security Vulnerabilities and Emerging Attacks for Better Defenses. In: Proc. of IEEE International Conference on Compilers, Architecture, and Synthesis for Embedded Systems. IEEE, 2018. VolltextBIB DownloadDetails

    Hardware security architectures and primitives are becoming increasingly important in practice providing trust anchors and trusted execution environment to protect modern software systems. Over the past two decades we have witnessed various hardware security solutions and trends from Trusted Platform Modules (TPM), performance counters for security, ARM's TrustZone, and Physically Unclonable Functions (PUFs), to very recent advances such as Intel's Software Guard Extension (SGX). Unfortunately, these solutions are rarely used by third party developers, make strong trust assumptions (including in manufacturers), are too expensive for small constrained devices, do not easily scale, or suffer from information leakage. Academic research has proposed a variety of solutions, in hardware security architectures, these advancements are rarely deployed in practice.

  • Biondo, Andrea; Conti, Mauro; Davi, Lucas; Frassetto, Tommaso; Sadeghi, Ahmad-Reza: The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX. In: Proc. of 27th USENIX Security Symposium. 2018. VolltextBIB DownloadDetails

    Intel Software Guard Extensions (SGX) isolate security-critical code inside a protected memory area called enclave. Previous research on SGX has demonstrated that memory corruption vulnerabilities within enclave code can be exploited to extract secret keys and bypass remote attestation. However, these attacks require kernel privileges, and rely on frequently probing enclave code which results in many enclave crashes. Further, they assume a constant, not randomized memory layout. In this paper, we present novel exploitation techniques against SGX that do not require any enclave crashes and work in the presence of existing SGX randomization approaches such as SGX-Shield. A key contribution of our attacks is that they work under weak adversarial assumptions, e.g., not requiring kernel privileges. In fact, they can be applied to any enclave that is developed with the standard Intel SGX SDK on either Linux or Windows.

  • Jin, Yier; Sullivan, Dean; Arias, Orlando; Sadeghi, Ahmad-Reza; Davi, Lucas: Hardware Control Flow Integrity. In: Larsen, Per; Sadeghi, Ahmad-Reza (Hrsg.): The Continuing Arms Race: Code-Reuse Attacks and Defenses. Association for Computing Machinery and Morgan & Claypool, 2018, S. 181-210. doi:10.1145/3129743.3129751BIB DownloadDetails

    Control-Flow Integrity (CFI) is a promising and general defense against control-flow hijacking with formal underpinnings. A key insight from the extensive research on CFI is that its effectiveness depends on the precision and coverage of a program's Control-Flow Graph (CFG). Since precise CFG generation is highly challenging and often difficult, many CFI schemes rely on brittle heuristics and imprecise, coarse-grained CFGs. Furthermore, comprehensive, fine-grained CFI defenses implemented purely in software incur overheads that are unacceptably high. In this chapter, we first specify a CFI model that captures many known CFI techniques, including stateless and stateful approaches as well as fine-grained and coarse-grained CFI policies.We then design and implement a novel hardwareenhanced CFI. Key to this approach is a set of dedicated CFI instructions that can losslessly enforce any CFG and diverse CFI policies within our model. Moreover, we fully support multi-tasking and shared libraries, prevent various forms of codereuse attacks, and allow code protected with CFI to interoperate with unprotected legacy code. Our prototype implementation on the SPARC LEON3 is highly efficient with a performance overhead of 1.75% on average when applied to several SPECInt2006 benchmarks and 0.5% when applied to EEMBC's CoreMark benchmark.

  • Gens, David; Schmitt, Simon; Davi, Lucas; Sadeghi, Ahmad-Reza: K-Miner: Uncovering Memory Corruption in Linux. In: Proc. of 25th Annual Network & Distributed System Security Symposium (NDSS). 2018. VolltextBIB DownloadDetails

    Operating system kernels are appealing attack targets: compromising the kernel usually allows attackers to bypass all deployed security mechanisms and take control over the entire system. Commodity kernels, like Linux, are written in low-level programming languages that offer only limited type and memory-safety guarantees, enabling adversaries to launch sophisticated run-time attacks against the kernel by exploiting memory-corruption vulnerabilities. Many defenses have been proposed to protect operating systems at run time, such as control-flow integrity (CFI). However, the goal of these run-time monitors is to prevent exploitation as a symptom of memory corruption, rather than eliminating the underlying root cause, i.e., bugs in the kernel code. While finding bugs can be automated, e.g., using static analysis, all existing approaches are limited to local, intra-procedural checks, and face severe scalability challenges due to the large kernel code base. Consequently, there currently exist no tools for conducting global static analysis of operating system kernels. In this paper, we present K-Miner, a new framework to efficiently analyze large, commodity operating system kernels like Linux. Our novel approach exploits the highly standardized interface structure of the kernel code to enable scalable pointer analysis and conduct global, context-sensitive analysis. Through our inter-procedural analysis we show that K-Miner systematically and reliably uncovers several different classes of memory-corruption vulnerabilities, such as dangling pointers, user-after-free, double-free, and double-lock vulnerabilities. We thoroughly evaluate our extensible analysis framework, which leverages the popular and widely used LLVM compiler suite, for the current Linux kernel and demonstrate its effectiveness by reporting several memory-corruption vulnerabilities.

  • Pewny, Jannik; Koppe, Philipp; Davi, Lucas; Holz, Thorsten: Breaking and Fixing Destructive Code Read Defenses. In: Proc. of 33nd Annual Computer Security Applications Conference (ACSAC). 2017. VolltextBIB DownloadDetails

    Just-in-time return-oriented programming (JIT-ROP) is a powerful memory corruption attack that bypasses various forms of code randomization. Execute-only memory (XOM) can potentially prevent these attacks, but requires source code. In contrast, destructive code reads (DCR) provide a trade-off between security and legacy compatibility. The common belief is that DCR provides strong protection if combined with a high-entropy code randomization. The contribution of this paper is twofold: first, we demonstrate that DCR can be bypassed regardless of the underlying code randomization scheme. To this end, we show novel, generic attacks that infer the code layout for highly randomized program code. Second, we present the design and implementation of BGDX (Byte-Granular DCR and XOM), a novel mitigation technique that protects legacy binaries against code-inference attacks. BGDX enforces memory permissions on a byte-granular level allowing us to combine DCR and XOM for legacy, off-the-shelf binaries. Our evaluation shows that BGDX is not only effective, but highly efficient, imposing only a geometric mean performance overhead of 3.95% on SPEC.

  • Nyman, Thomas; Ekberg, Jan-Erik; Davi, Lucas; Asokan, N.: CFI CaRE: Hardware-supported Call and Return Enforcement for Commercial Microcontrollers. In: Proc. of 20th International Symposium on Research on Attacks, Intrusions and Defenses (RAID 2017). 2017. VolltextBIB DownloadDetails

    With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection mechanisms for traditional computing environments (including CFI) need to be adapted to the IoT setting. In this paper, we describe the challenges of enabling CFI on microcontroller (MCU) based IoT devices. We then present CaRE, the first interrupt-aware CFI scheme for low-end MCUs. CaRE uses a novel way of protecting the CFI metadata by leveraging TrustZone-M security extensions introduced in the ARMv8-M architecture. Its binary instrumentation approach preserves the memory layout of the target MCU software, allowing pre-built bare-metal binary code to be protected by CaRE. We describe our implementation on a Cortex-M Prototyping System and demonstrate that CaRE is secure while imposing acceptable performance and memory impact.

  • Brasser, Ferdinand; Davi, Lucas; Gens, David; Liebchen, Christopher; Sadeghi, Ahmad-Reza: CAn’t Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory. In: Proc. of 26th USENIX Security Symposium. 2017. VolltextBIB DownloadDetails

    Rowhammer is a hardware bug that can be exploited to implement privilege escalation and remote code execution attacks. Previous proposals on rowhammer mitigations either require hardware changes or follow heuristic-based approaches (based on CPU performance counters). To date, there exists no instant protection against rowhammer attacks on legacy systems.

    In this paper, we present the design and implementation of a practical and efficient software-only defense against rowhammer attacks. Our defense, called CATT, prevents the attacker from leveraging rowhammer to corrupt kernel memory from user mode. To do so, we extend the physical memory allocator of the OS to physically isolate the memory of the kernel and user space. We implemented CATT on x86 and ARM to mitigate rowhammer-based kernel exploits. Our extensive evaluation shows that our mitigation (i) can stop available real-world rowhammer attacks, (ii) imposes virtually no runtime overhead for common user and kernel benchmarks as well as commonly used applications, and (iii) does not affect the stability of the overall system.

  • Dessouky, Ghada; Zeitouni, Shaza; Nyman, Thomas; Paverd, Andrew; Davi, Lucas; Koeberl, Patrick; Asokan, N.; Sadeghi, Ahmad-Reza: LO-FAT: Low-Overhead Control Flow ATtestation in Hardware. In: Proc. of 54th Design Automation Conference (DAC). 2017. VolltextBIB DownloadDetails

    Attacks targeting software on embedded systems are becoming increasingly prevalent. Remote attestation is a mechanism that allows establishing trust in embedded devices. However, existing attestation schemes are either static and cannot detect control-flow attacks, or require instrumentation of software incurring high performance overheads. To overcome these limitations, we present LO-FAT, the first practical hardware-based approach to control-flow attestation. By leveraging existing processor hardware features and commonly-used IP blocks, our approach enables efficient control-flow attestation without requiring software instrumentation. We show that our proof-of-concept implementation based on a RISC-V SoC incurs no processor stalls and requires reasonable area overhead.

  • Rudd, Robert; Skowyra, Richard; Bigelow, David; Dedhia, Veer; Hobson, Thomas; Crane, Stephen; Liebchen, Christopher; Larsen, Per; Davi, Lucas; Franz, Michael; Sadeghi, Ahmad-Reza; Okhravi, Hamed: Address Oblivious Code Reuse: On the Effectiveness of Leakage Resilient Diversity. In: Proc. of 24th Annual Network & Distributed System Security Symposium (NDSS). 2017. VolltextBIB DownloadDetails

    Memory corruption vulnerabilities not only allow modification of control data and injection of malicious payloads; they also allow adversaries to reconnoiter a diversified program, customize a payload, and ultimately bypass code randomization defenses. In response, researchers have proposed and built various leakage-resilient defenses against code reuse. Leakage-resilient defenses use memory protection techniques to prevent adversaries from directly reading code as well as pointer indirection or encryption techniques to decouple code pointers from the randomized code layout, avoiding indirect leakage. In this paper, we show that although current code pointer protections do prevent leakage per se, they are fundamentally unable to stop code reuse. Specifically, we demonstrate a new class of attacks we call address-oblivious code reuse that bypasses state-of-the-art leakage-resilience techniques by profiling and reusing protected code pointers, without leaking the code layout. We show that an attacker can accurately identify protected code pointers of interest and mount code-reuse attacks at the abstraction level of pointers without requiring any knowledge of code addresses. We analyze the prevalence of opportunities for such attacks in popular code bases and build three real-world exploits against Nginx and Apache to demonstrate their practicality. We analyze recently proposed leakage resilient defenses and show that they are vulnerable to address oblivious code reuse. Our findings indicate that because of the prevalence of code pointers in realistic programs and the fundamental need to expose them to    read    operations (even indirectly), diversity defenses face a fundamental design challenge in mitigating such attacks.

  • Davi, Lucas; Gens, David; Liebchen, Christopher; Sadeghi, Ahmad-Reza: PT-Rand: Practical Mitigation of Data-only Attacks against Page Tables. In: Proc. of 24th Annual Network & Distributed System Security Symposium (NDSS). 2017. VolltextBIB DownloadDetails

    Kernel exploits constitute a powerful attack class allowing attackers to gain full control over a system. Various kernel hardening solutions have been proposed or deployed in practice to protect the kernel against code injection (e.g., DEP) or code-reuse exploits (e.g., CFI). However, the security of all these hardening techniques relies heavily on the assumption that kernel page tables cannot be manipulated, e.g., by means of dataonly attacks. Ensuring kernel page tables integrity is not only essential for kernel security but also a challenging task in practice since existing solutions require hardware trust anchors, costly hypervisors, or inefficient integrity checks. 

    In this paper, we first motivate the importance of protecting kernel page tables by presenting a data-only attack against page tables to bypass the recently released CFI-based (Linux) kernel hardening technique RAP. Thereafter, we present the design and implementation of PT-Rand, the first practical solution to protect kernel page tables that does not suffer from the mentioned deficiencies of previous proposals. PT-Rand randomizes the location of page tables and tackles a number of challenges to ensure that the location of page tables is not leaked. This effectively prevents the attacker from manipulating access permissions of code pages, thereby enabling secure enforcement of kernel exploit mitigation technologies such as CFI. We extensively evaluate our prototype implementation of PT-Rand for the current Linux kernel on the popular Linux distribution Debian and report a low overhead of 0.22% for common benchmarks. Moreover, we combine RAP with PT-Rand to protect RAP against data-only attacks on kernel page tables.

  • Sullivan, Dean; Arias, Orlando; Davi, Lucas; Sadeghi, Ahmad-Reza; Jin, Yier: Towards a Policy-Agnostic Control-Flow Integrity Implementation. In: Black Hat Europe. 2016. BIB DownloadDetails
  • Deshotels, Luke; Deaconescu, Razvan; Chiroiu, Mihai; Davi, Lucas; Enck, William; Sadeghi, Ahmad-Reza: SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles. In: Proc. of 23rd ACM Conference on Computer and Communications Security (CCS). 2016. doi:10.1145/2976749.2978336VolltextBIB DownloadDetails

    Recent literature on iOS security has focused on the malicious potential of third-party applications, demonstrating how developers can bypass application vetting and code-level protections. In addition to these protections, iOS uses a generic sandbox profile called "container" to confine malicious or exploited third-party applications. In this paper, we present the first systematic analysis of the iOS container sandbox profile. We propose the SandScout framework to extract, decompile, formally model, and analyze iOS sandbox profiles as logic-based programs. We use our Prolog-based queries to evaluate file-based security properties of the container sandbox profile for iOS 9.0.2 and discover seven classes of exploitable vulnerabilities. These attacks affect non-jailbroken devices running later versions of iOS. We are working with Apple to resolve these attacks, and we expect that SandScout will play a significant role in the development of sandbox profiles for future versions of iOS.

  • Abera, Tigist; Asokan, Nadarajah; Davi, Lucas; Ekberg, Jan-Erik; Nyman, Thomas; Paverd, Andrew; Sadeghi, Ahmad-Reza; Tsudik, Gene: C-FLAT: Control-Flow Attestation for Embedded Systems Software. In: Proc. of 23rd ACM Conference on Computer and Communications Security (CCS). 2016. doi:10.1145/2976749.2978358VolltextBIB DownloadDetails

    Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device (prover). Most existing approaches are static in nature and only check whether benign software is initially loaded on the prover. However, they are vulnerable to runtime attacks that hijack the application's control or data flow, e.g., via return-oriented programming or data-oriented exploits. As a concrete step towards more comprehensive runtime remote attestation, we present the design and implementation of Control-FLow ATtestation (C-FLAT) that enables remote attestation of an application's control-flow path, without requiring the source code. We describe a full prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone hardware security extensions. We evaluate C-FLAT's performance using a real-world embedded (cyber-physical) application, and demonstrate its efficacy against control-flow hijacking attacks.

  • Sullivan, Dean; Arias, Orlando; Davi, Lucas; Larsen, Per; Sadeghi, Ahmad-Reza; Jin, Yier: Strategy Without Tactics: Policy-Agnostic Hardware-Enhanced Control-Flow Integrity. In: Proc. of 53rd Design Automation Conference (DAC). 2016. doi:10.1145/2897937.2898098VolltextBIB DownloadDetails
    Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constitute a severe threat against diverse computing platforms. Existing CFI solutions (both in software and hardware) suffer from shortcomings such as (i) inefficiency, (ii) security weaknesses, or (iii) are not scalable. In this paper, we present a generic hardware-enhanced CFI scheme that tackles these problems and allows to enforce diverse CFI policies. Our approach fully supports multi-tasking, shared libraries, prevents various forms of code-reuse attacks, and allows CFI protected code and legacy code to co-exist. We evaluate our implementation on SPARC LEON3 and demonstrate its high efficiency.
  • Abera, Tigist; Asokan, Nadarajah; Davi, Lucas; Koushanfar, Farinaz; Praverd, Andrew; Tsudik, Gene; Sadeghi, Ahmad-Reza: Invited - Things, Trouble, Trust: On Building Trust in IoT Systems. In: Proc. of 53rd Design Automation Conference (DAC). 2016. doi:10.1145/2897937.2905020VolltextBIB DownloadDetails

    The emerging and much-touted Internet of Things (IoT) presents a variety of security and privacy challenges. Prominent among them is the establishment of trust in remote IoT devices, which is typically attained via remote attestation, a distinct security service that aims to ascertain the current state of a potentially compromised remote device. Remote attestation ranges from relatively heavy-weight secure hardware-based techniques, to light-weight software-based ones, and also includes approaches that blend software (e.g., control-flow integrity) and hardware features (e.g., PUFs). In this paper, we survey the landscape of state-of-the-art attestation techniques from the IoT device perspective and argue that most of them have a role to play in IoT trust establishment.

  • Lettner, Julian; Kollenda, Benjamin; Homescu, Andrei; Larsen, Per; Schuster, Felix; Davi, Lucas; Sadeghi, Ahmad-Reza; Holz, Thorsten; Franz, Michael: Subversive-C: Abusing and Protecting Dynamic Message Dispatch. In: Proc. of USENIX Annual Technical Conference (ATC). 2016. VolltextBIB DownloadDetails
    The lower layers in the modern computing infrastructure are written in languages threatened by exploitation of memory management errors. Recently deployed exploit mitigations such as control-flow integrity (CFI) can prevent traditional return-oriented programming (ROP) exploits but are much less effective against newer techniques such as Counterfeit Object-Oriented Programming (COOP) that execute a chain of C++ virtual methods. Since these methods are valid control-flow targets, COOP attacks are hard to distinguish from benign computations. Code randomization is likewise ineffective against COOP. Until now, however, COOP attacks have been limited to vulnerable C++ applications which makes it unclear whether COOP is as general and portable a threat as ROP.

    This paper demonstrates the first COOP-style exploit for Objective-C, the predominant programming language on Apple’s OS X and iOS platforms. We also retrofit the Objective-C runtime with the first practical and efficient defense against our novel attack. Our defense is able to protect complex, real-world software such as iTunes without recompilation. Our performance experiments show that the overhead of our defense is low in practice.

  • McLaughlin, Stephen; Konstantinou, Charalambos; Wang, Xueyang; Davi, Lucas; Sadeghi, Ahmad-Reza; Maniatakos, Michail; Karri, Ramesh: The Cybersecurity Landscape in Industrial Control Systems. In: Proceedings of the IEEE, Jg. 104 (2016) Nr. 5, S. 1039-1057. doi:10.1109/JPROC.2015.2512235BIB DownloadDetails
  • Braden, Kjell; Crane, Stephen; Davi, Lucas; Franz, Michael; Larsen, Per; Liebchen, Christopher; Sadeghi, Ahmad-Reza: Leakage-Resilient Layout Randomization for Mobile Devices. In: Proc. of 23rd Annual Network & Distributed System Security Symposium (NDSS). 2016. VolltextBIB DownloadDetails

    Attack techniques based on code reuse continue to enable real-world exploits bypassing all current mitigations. Code randomization defenses greatly improve resilience against code reuse. Unfortunately, sophisticated modern attacks such as JIT-ROP can circumvent randomization by discovering the actual code layout on the target and relocating the attack payload on the fly. Hence, effective code randomization additionally requires that the code layout cannot be leaked to adversaries.

    Previous approaches to leakage-resilient diversity have either relied on hardware features that are not available in all processors, particularly resource-limited processors commonly found in mobile devices, or they have had high memory overheads. We introduce a code randomization technique that avoids these limitations and scales down to mobile and embedded devices: Leakage-Resilient Layout Randomization (LR^2).

    Whereas previous solutions have relied on virtualization, x86 segmentation, or virtual memory support, LR^2 merely requires the underlying processor to enforce a W XOR X policy---a feature that is virtually ubiquitous in modern processors, including mobile and embedded variants. Our evaluation shows that LR^2 provides the same security as existing virtualization-based solutions while avoiding design decisions that would prevent deployment on less capable yet equally vulnerable systems. Although we enforce execute-only permissions in software, LR^2 is as efficient as the best-in-class virtualization-based solution.

  • Larsen, Per; Brunthaler, Stefan; Davi, Lucas; Sadeghi, Ahmad-Reza; Franz, Michael: Automated Software Diversity. Morgan & Claypool, 2015. doi:10.2200/S00686ED1V01Y201512SPT014BIB DownloadDetails

    Whereas user-facing applications are often written in modern languages, the firmware, operating system, support libraries, and virtual machines that underpin just about any modern computer system are still written in low-level languages that value flexibility and performance over convenience and safety. Programming errors in low-level code are often exploitable and can, in the worst case, give adversaries unfettered access to the compromised host system.

    This book provides an introduction to and overview of automatic software diversity techniques that, in one way or another, use randomization to greatly increase the difficulty of exploiting the vast amounts of low-level code in existence. Diversity-based defenses are motivated by the observation that a single attack will fail against multiple targets with unique attack surfaces. We introduce the many, often complementary, ways that one can diversify attack surfaces and provide an accessible guide to more than two decades worth of research on the topic. We also discuss techniques used in conjunction with diversity to prevent accidental disclosure of randomized program aspects and present an in-depth case study of one of our own diversification solutions.

  • Davi, Lucas; Sadeghi, Ahmad-Reza: Building Secure Defenses Against Code-Reuse Attacks. Springer International Publishing, 2015. (ISBN 978-3-319-25544-6) doi:10.1007/978-3-319-25546-0BIB DownloadDetails

    This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET.

    Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented.

    Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks.

  • Crane, Stephen; Volckaert, Stijn; Schuster, Felix; Liebchen, Christopher; Larsen, Per; Davi, Lucas; Sadeghi, Ahmad-Reza; Holz, Thorsten; Sutter, Bjorn De; Franz, Michael: It’s a TRAP: Table Randomization and Protection against Function Reuse Attacks. In: Proc. of 22nd ACM Conference on Computer and Communications Security (CCS). 2015. doi:10.1145/2810103.2813682VolltextBIB DownloadDetails

    Code-reuse attacks continue to evolve and remain a severe threat to modern software. Recent research has proposed a variety of defenses with differing security, efficiency, and practicality characteristics. Whereas the majority of these solutions focus on specific code-reuse attack variants such as return-oriented programming (ROP), other attack variants that reuse whole functions, such as the classic return-into-libc, have received much less attention. Mitigating function-level code reuse is highly challenging because one needs to distinguish a legitimate call to a function from an illegitimate one. In fact, the recent counterfeit object-oriented programming (COOP) attack demonstrated that the majority of code-reuse defenses can be bypassed by reusing dynamically bound functions, i.e., functions that are accessed through global offset tables and virtual function tables, respectively.

    In this paper, we first significantly improve and simplify the COOP attack. Based on a strong adversarial model, we then present the design and implementation of a comprehensive code-reuse defense which is resilient against reuse of dynamically-bound functions. In particular, we introduce two novel defense techniques: (i) a practical technique to randomize the layout of tables containing code pointers resilient to memory disclosure and (ii) booby trap insertion to mitigate the threat of brute-force attacks iterating over the randomized tables. Booby traps serve the dual purpose of preventing fault-analysis side channels and ensuring that each table has sufficiently many possible permutations. Our detailed evaluation demonstrates that our approach is secure, effective, and practical. We prevent realistic, COOP-style attacks against the Chromium web browser and report an average overhead of 1,1% on the SPEC CPU2006 benchmarks.

  • Conti, Mauro; Crane, Stephen; Davi, Lucas; Franz, Michael; Larsen, Per; Liebchen, Christopher; Negro, Marco; Qunaibit, Mohaned; Sadeghi, Ahmad-Reza: Losing Control: On the Effectiveness of Control-Flow Integrity under Stack Attacks. In: Proc. of 22nd ACM Conference on Computer and Communications Security (CCS). 2015. doi:10.1145/2810103.2813671VolltextBIB DownloadDetails

    Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain arbitrary code execution. One promising mitigation, control-flow integrity (CFI), has been the subject of extensive research in the past decade. One of the core findings is that adversaries can construct Turing-complete code-reuse attacks against coarse-grained CFI policies because they admit control flows that are not part of the original program. This insight led the research community to focus on fine-grained CFI implementations. In this paper we show how to exploit heap-based vulnerabilities to control the stack contents including security-critical values used to validate control-flow transfers. Our investigation shows that although program analysis and compiler-based mitigations reduce stack-based vulnerabilities, stack-based memory corruption remains an open problem. Using the Chromium web browser we demonstrate real-world attacks against various CFI implementations: 1) against CFI implementations under Windows 32-bit by exploiting unprotected context switches, and 2) against state-of-the-art fine-grained CFI implementations (IFCC and VTV) in the two premier open-source compilers under Unix-like operating systems. Both 32 and 64-bit x86 CFI checks are vulnerable to stack manipulation. Finally, we provide an exploit technique against the latest shadow stack implementation.

  • Crane, Stephen; Liebchen, Christopher; Homescu, Andrei; Davi, Lucas; Larsen, Per; Sadeghi, Ahmad-Reza; Brunthaler, Stefan; Franz, Michael: Return to Where? You Can’t Exploit What You Can’t Find. In: Black Hat USA. 2015. BIB DownloadDetails

    Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Until now, no countermeasure has been able to fully prevent sophisticated exploitation techniques, such as return-oriented programming (ROP). Recent control-flow integrity (CFI) defenses from Google and Microsoft can be bypassed by constructing a ROP payload that adheres to the control-flow constraints or by exploiting implementation flaws. Microsoft’s EMET has less overhead than full CFI, but offers less protection in return, and can be bypassed. Probabilistic countermeasures based on memory layout randomization (such as ASLR) are already in widespread use. However, the Pwn2own competitions have repeatedly demonstrated that attackers can bypass code randomization using memory leaks in browsers.

    To reduce the impact of memory disclosure, recent defenses utilize execute-only memory. In this work we show that execute-only memory is insufficient and that these solutions can still be bypassed. In particular, we show how to determine the code layout by analyzing pointers in the heap and on the stack without ever reading the code.

    On the defensive side, we build a comprehensive yet practical defense called Readactor that counters both direct reading of code and indirect layout disclosure through analysis of code pointers. We employ a thin hypervisor and a kernel patch to utilize true hardware execute-only memory, and prevent direct reading of code in Linux processes. We hide all code pointers in readable memory using a patched version of the LLVM compiler. We deploy a number of techniques to break ROP gadget chains and disorient the adversary. Specifically, we hide code pointers by converting them into direct jumps stored in execute-only memory to prevent indirect layout disclosure.

    Our solution is efficient, because it activates previously unused hardware capabilities in modern x86 processors and is often faster than industry CFI implementations. Our solution is also highly practical; we were able to automatically apply our defense to the Chromium web browser. Finally, our solution is comprehensive; we also protect the dynamically generated code emitted by the V8 JavaScript JIT compiler.

  • Arias, Orlando; Davi, Lucas; Hanreich, Matthias; Jin, Yier; Koeberl, Patrick; Paul, Debayan; Sadeghi, Ahmad-Reza; Sullivan, Dean: HAFIX: Hardware-Assisted Flow Integrity Extension - Best Paper. In: Proc. of 52nd Design Automation Conference (DAC). 2015. doi:10.1145/2744769.2744847VolltextBIB DownloadDetails

    Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementation and evaluation of HAFIX for the Intel Siskiyou Peak and SPARC embedded system architectures, and demonstrates its security and efficiency in code-reuse protection while incurring only 2% performance overhead.

  • Schuster, Felix; Tendyck, Thomas; Liebchen, Christopher; Davi, Lucas; Sadeghi, Ahmad-Reza; Holz, Thorsten: Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications. In: Proc. of 36th IEEE Symposium on Security and Privacy (Oakland). 2015. doi:10.1109/SP.2015.51BIB DownloadDetails

    Code reuse attacks such as return-oriented programming (ROP) have become prevalent techniques to exploit memory corruption vulnerabilities in software programs. A variety of corresponding defenses has been proposed, of which some have already been successfully bypassed - and the arms race continues. In this paper, we perform a systematic assessment of recently proposed CFI solutions and other defenses against code reuse attacks in the context of C++. We demonstrate that many of these defenses that do not consider object-oriented C++ semantics precisely can be generically bypassed in practice. Our novel attack technique, denoted as counterfeit object-oriented programming (COOP), induces malicious program behavior by only invoking chains of existing C++ virtual functions in a program through corresponding existing call sites. COOP is Turing complete in realistic attack scenarios and we show its viability by developing sophisticated, real-world exploits for Internet Explorer 10 on Windows and Firefox 36 on Linux. Moreover, we show that even recently proposed defenses (CPS, T-VIP, vfGuard, and VTint) that specifically target C++ are vulnerable to COOP. We observe that constructing defenses resilient to COOP that do not require access to source code seems to be challenging. We believe that our investigation and results are helpful contributions to the design and implementation of future defenses against control-flow hijacking attacks.

  • Crane, Stephen; Liebchen, Christopher; Homescu, Andrei; Davi, Lucas; Larsen, Per; Sadeghi, Ahmad-Reza; Brunthaler, Stefan; Franz, Michael: Readactor: Practical Code Randomization Resilient to Memory Disclosure. In: Proc. of 36th IEEE Symposium on Security and Privacy (Oakland). 2015. doi:10.1109/SP.2015.52BIB DownloadDetails

    Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software. Designing practical and effective defenses against code-reuse attacks is highly challenging. One line of defense builds upon fine-grained code diversification to prevent the adversary from constructing a reliable code-reuse attack. However, all solutions proposed so far are either vulnerable to memory disclosure or are impractical for deployment on commodity systems. In this paper, we address the deficiencies of existing solutions and present the first practical, fine-grained code randomization defense, called Readactor, resilient to both static and dynamic ROP attacks. We distinguish between direct memory disclosure, where the attacker reads code pages, and indirect memory disclosure, where attackers use code pointers on data pages to infer the code layout without reading code pages. Unlike previous work, Readactor resists both types of memory disclosure. Moreover, our technique protects both statically and dynamically generated code. We use a new compiler-based code generation paradigm that uses hardware features provided by modern CPUs to enable execute-only memory and hide code pointers from leakage to the adversary. Finally, our extensive evaluation shows that our approach is practical‐-we protect the entire Google Chromium browser and its V8 JIT compiler‐-and efficient with an average SPEC CPU2006 performance overhead of only 6.4%.

  • Bucicoiu, Mihai; Davi, Lucas; Deaconescu, Razvan; Sadeghi, Ahmad-Reza: XiOS: Extended Application Sandboxing on iOS. In: Proc. of 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS). 2015. doi:10.1145/2714576.2714629VolltextBIB DownloadDetails

    Until very recently it was widely believed that iOS malware is effectively blocked by Apple’s vetting process and application sandboxing. However, the newly presented severe malicious app attacks (e.g., Jekyll) succeeded to undermine these protection measures and steal private data, post Twitter messages, send SMS, and make phone calls. Currently, no effective defenses against these attacks are known for iOS. The main goal of this paper is to systematically analyze the recent attacks against iOS sandboxing and provide a practical security framework for iOS app hardening which is fully independent of the Apple’s vetting process and particularly benefits enterprises to protect employees’ iOS devices. The contribution of this paper is twofold: First, we show a new and generalized attack that significantly reduces the complexity of the recent attacks against iOS sandboxing. Second, we present the design and implementation of a novel and efficient iOS app hardening service, XiOS, that enables fine-grained application sandboxing, and mitigates the existing as well as our new attacks. In contrast to previous work in this domain (on iOS security), our approach does not require to jailbreak the device. We demonstrate the efficiency and effectiveness of XiOS by conducting several benchmarks as well as fine-grained policy enforcement on real-world iOS applications

  • Davi, Lucas; Liebchen, Christopher; Sadeghi, Ahmad-Reza; Snow, Kevin; Monrose, Fabian: Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming. In: Proc. of 22nd Annual Network & Distributed System Security Symposium (NDSS). 2015. VolltextBIB DownloadDetails

    Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effectively mitigate code reuse attacks. However, a recent attack strategy, dubbed just-in-time return oriented programming (JIT-ROP), circumvents code randomization by disclosing the (randomized) content of many memory pages at runtime. In order to remedy this situation, new and improved code randomization defenses have been proposed.

    The contribution of this paper is twofold: first, we conduct a security analysis of a recently proposed fine-grained ASLR scheme that aims at mitigating JIT-ROP based on hiding direct code references in branch instructions. In particular, we demonstrate its weaknesses by constructing a novel JIT-ROP attack that is solely based on exploiting code references residing on the stack and heap. Our attack stresses that designing code randomization schemes resilient to memory disclosure is highly challenging. Second, we present a new and hybrid defense approach, dubbed Isomeron, that combines code randomization with execution-path randomization to mitigate conventional ROP and JIT-ROP attacks. Our reference implementation of Isomeron neither requires source code nor a static analysis phase.

    We evaluated its efficiency based on SPEC benchmarks and discuss its effectiveness against various kinds of code reuse attacks.

  • Sadeghi, Ahmad-Reza; Davi, Lucas; Larsen, Per: Securing Legacy Software against Real-World Code-Reuse Exploits: Utopia, Alchemy, or Possible Future? - Keynote. In: Proc. of 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS). 2015. doi:10.1145/2714576.2737090VolltextBIB DownloadDetails

    Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over two decades and no end seems to be in sight. Since performance and backwards compatibility trump security concerns, popular programs such as web browsers, servers, and office suites still contain large amounts of untrusted legacy code written in error-prone languages such as C and C++. At the same time, modern exploits are evolving quickly and routinely incorporate sophisticated techniques such as code reuse and memory disclosure. As a result, they bypass all widely deployed countermeasures including data execution prevention (DEP) and code randomization such as address space layout randomization (ASLR).

    The good news is that the security community has recently introduced several promising prototype defenses that offer a more principled response to modern exploits. Even though these solutions have improved substantially over time, they are not perfect and weaknesses that allow bypasses are continually being discovered. Moreover, it remains to be seen whether these prototype defenses can be matured and integrated into operating systems, compilers, and other systems software.

    This paper provides a brief overview of current state-of-the-art exploitation and defense techniques against run-time exploits and elaborates on innovative research prototypes that may one day stem the tide of sophisticated exploits. We also provide a brief analysis and categorization of existing defensive techniques and ongoing work in the areas of code randomization and control-flow integrity, and cover both hardware and software-based solutions.

  • Davi, Lucas; Lehmann, Daniel; Sadeghi, Ahmad-Reza: The Beast is in Your Memory: Return-Oriented Programming Attacks Against Modern Control-Flow Integrity Protection Techniques. In: Black Hat USA. 2014. VolltextBIB DownloadDetails

    Return-oriented Programming (ROP) is a powerful exploitation technique used in nearly every exploit today. It maliciously combines short code snippets (gadgets) residing in shared libraries and the executable to bypass data execution prevention (DEP). As a consequence, several new control-flow integrity (CFI) mechanisms and tools have been recently proposed to thwart ROP attacks. For instance, kBouncer and ROPGuard both restrict return instructions to target a call-preceded instruction. In addition, ROPecker and kBouncer force the adversary to invoke a long instruction sequence after a pre-defined number of short gadgets thereby preventing an attacker to execute a sequence of ROP gadgets. Some of the proposed mechanisms have already been integrated in Microsoft's Windows EMET tool. In general, these mechanisms significantly reduce the gadget space and make it challenging for an attacker to mount ROP attacks.

    While others have hypothesized or even exploited weaknesses in some of these emerging CFI techniques, we provide the first comprehensive analysis thereof. Specifically, we conducted a security analysis of various recently proposed CFI solutions (including kBouncer, ROPGuard, ROPecker, and CFI for COTS binaries). Our key contribution is in demonstrating that these techniques can be effectively undermined even when all their protection mechanisms are combined. In particular, we transformed existing (publicly available) exploits against Windows (which are detected by Microsoft EMET) into more stealthy attacks that bypass all recently proposed CFI techniques. We show that our performed transformations require no specific assumptions, and demonstrate that a 1MB Windows library (kernel32.dll) is already sufficient to derive a (turing-) complete gadget set using only call-preceded gadgets.

  • Davi, Lucas; Lehmann, Daniel; Sadeghi, Ahmad-Reza; Monrose, Fabian: Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection. In: Proc. of 23rd USENIX Security Symposium. 2014. VolltextBIB DownloadDetails

    Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been extensively used to exploit bugs in modern software programs (e.g., web browsers and PDF readers). ROP attacks require no code injection, and have already been shown to be powerful enough to bypass fine-grained memory randomization (ASLR) defenses. To counter this ingenious attack strategy, several proposals for enforcement of (coarse-grained) control-flow integrity (CFI) have emerged. The key argument put forth by these works is that coarse-grained CFI policies are sufficient to prevent ROP attacks. As this reasoning has gained traction, ideas put forth in these proposals have even been incorporated into coarse-grained CFI defenses in widely adopted tools (e.g., Microsoft’s EMET framework).

    In this paper, we provide the first comprehensive security analysis of various CFI solutions (covering kBouncer, ROPecker, CFI for COTS binaries, ROPGuard, and Microsoft EMET 4.1). A key contribution is in demonstrating that these techniques can be effectively undermined, even under weak adversarial assumptions. More specifically, we show that with bare minimum assumptions, turing-complete and real-world ROP attacks can still be launched even when the strictest of enforcement policies is in use. To do so, we introduce several new ROP attack primitives, and demonstrate the practicality of our approach by transforming existing real-world exploits into more stealthy attacks that bypass coarse-grained CFI defenses.

  • Davi, Lucas; Koeberl, Patrick; Sadeghi, Ahmad-Reza: Hardware-Assisted Fine-Grained Control-Flow Integrity: Towards Efficient Protection of Embedded Systems Against Software Exploitation. In: Proc. of 51st Design Automation Conference (DAC) - Special Session: Trusted Mobile Embedded Computing. 2014. doi:10.1145/2593069.2596656VolltextBIB DownloadDetails

    Embedded systems have become pervasive and are built into a vast number of devices such as sensors, vehicles, mobile and wearable devices. However, due to resource constraints, they fail to provide sufficient security, and are particularly vulnerable to runtime attacks (code injection and ROP). Previous works have proposed the enforcement of control-flow integrity (CFI) as a general defense against runtime attacks. However, existing solutions either suffer from performance overhead or only enforce coarse-grain CFI policies that a sophisticated adversary can undermine. In this paper, we tackle these limitations and present the design of novel security hardware mechanisms to enable fine-grained CFI checks. Our CFI proposal is based on a state model and a per-function CFI label approach. In particular, our CFI policies ensure that function returns can only transfer control to active call sides (i.e., return landing pads of functions currently executing). Further, we restrict indirect calls to target the beginning of a function, and lastly, deploy behavioral heuristics for indirect jumps.

  • Davi, Lucas; Lehmann, Daniel; Sadeghi, Ahmad-Reza; Monrose, Fabian: Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection, TUD-CS-2014-0800. 2014. VolltextBIB DownloadDetails

    Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been extensively used to exploit bugs in modern software programs (e.g., web browsers and PDF readers). ROP attacks require no code injection, and have already been shown to be powerful enough to bypass fine-grained memory randomization (ASLR) defenses. To counter this ingenious attack strategy, several proposals for enforcement of (coarse-grained) control-flow integrity (CFI) have emerged. The key argument put forth by these works is that coarse-grained CFI policies are sufficient to prevent ROP attacks. As this reasoning has gained traction, ideas put forth in these proposals have even been incorporated into coarse-grained CFI defenses in widely adopted tools (e.g., Microsoft’s EMET framework).

    In this paper, we provide the first comprehensive security analysis of various CFI solutions (covering kBouncer, ROPecker, CFI for COTS binaries, ROPGuard, and Microsoft EMET 4.1). A key contribution is in demonstrating that these techniques can be effectively undermined, even under weak adversarial assumptions. More specifically, we show that with bare minimum assumptions, turing-complete and real-world ROP attacks can still be launched even when the strictest of enforcement policies is in use. To do so, we introduce several new ROP attack primitives, and demonstrate the practicality of our approach by transforming existing real-world exploits into more stealthy attacks that bypass coarse-grained CFI defenses.

  • Asokan, N.; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Kostiainen, Kari; Reshetova, Elena; Sadeghi, Ahmad-Reza: Mobile Platform Security. Morgan & Claypool, 2013. doi:10.2200/S00555ED1V01Y201312SPT009BIB DownloadDetails

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrates commonly used security mechanisms and techniques in mobile devices and allows a systematic comparison of different platforms. We analyze several mobile platforms using the model. In addition, this book explains hardware-security mechanisms typically present in a mobile device. We also discuss enterprise security extensions for mobile platforms and survey recent research in the area of mobile platform security. The objective of this book is to provide a comprehensive overview of the current status of mobile platform security for students, researchers, and practitioners.

  • Stancill, Blaine; Snow, Kevin; Otterness, Nathan; Monrose, Fabian; Davi, Lucas; Sadeghi, Ahmad-Reza: Check My Profile: Leveraging Static Analysis for Fast and Accurate Detection of ROP Gadgets. In: Proc. of 16th Research in Attacks, Intrusions and Defenses (RAID) Symposium. 2013. doi:10.1007/978-3-642-41284-4_4BIB DownloadDetails

    Return-oriented programming ROP offers a powerful technique for undermining state-of-the-art security mechanisms, including non-executable memory and address space layout randomization. To mitigate this daunting attack strategy, several in-built defensive mechanisms have been proposed. In this work, we instead focus on detection techniques that do not require any modification to end-user platforms. Specifically, we propose a novel framework that efficiently analyzes documents PDF, Office, or HTML files and detects whether they contain a returnoriented programming payload. To do so, we provide advanced techniques for taking memory snapshots of a target application, efficiently transferring the snapshots to a host system, as well as novel static analysis and filtering techniques to identify and profile chains of code pointers referencing ROP gadgets that may even reside in randomized libraries. Our evaluation of over 7,662 benign and 57 malicious documents demonstrate that we can perform such analysis accurately and expeditiously -- with the vast majority of documents analyzed in about 3 seconds.

  • Snow, Kevin; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza: Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same. In: Black Hat USA. 2013. VolltextBIB DownloadDetails

    Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this presentation, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, which both undermines the benefits of fine-grained ASLR and greatly enhances the ease of exploit development on today’s platforms that combine standard ASLR and DEP (e.g. Windows 8). Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets - all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, show its effectiveness in Windows 8, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.

  • Snow, Kevin; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza: Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization - Best Student Paper Award. In: Proc. of 34th IEEE Symposium on Security and Privacy (Oakland). 2013. doi:10.1109/SP.2013.45VolltextBIB DownloadDetails

    Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets - all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.

  • Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza: Gadge Me If You Can: Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM. In: Proc. of 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS). 2013. doi:10.1145/2484313.2484351VolltextBIB DownloadDetails

    Code reuse attacks such as return-oriented programming are one of the most powerful threats to contemporary software. ASLR was introduced to impede these attacks by dispersing shared libraries and the executable in memory. However, in practice its entropy is rather low and, more importantly, the leakage of a single address reveals the position of a whole library in memory. The recent mitigation literature followed the route of randomization, applied it at different stages such as source code or the executable binary. However, the code segments still stay in one block. In contrast to previous work, our randomization solution, called XIFER, (1) disperses all code (executable and libraries) across the whole address space, (2) re-randomizes the address space for each run, (3) is compatible to code signing, and (4) does neither require offline static analysis nor source-code. Our prototype implementation supports the Linux ELF file format and covers both mainstream processor architectures x86 and ARM. Our evaluation demonstrates that XIFER performs efficiently at load- and during run-time (1.2% overhead).

  • Werthmann, Tim; Hund, Ralf; Davi, Lucas; Sadeghi, Ahmad-Reza; Holz, Thorsten: PSiOS: Bring Your Own Privacy & Security to iOS Devices - Distinguished Paper Award. In: Proc. of 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS). 2013. doi:10.1145/2484313.2484316VolltextBIB DownloadDetails

    Apple iOS is one of the most popular mobile operating systems. As its core security technology, iOS provides application sandboxing but assigns a generic sandboxing profile to every third-party application. However, recent attacks and incidents with benign applications demonstrate that this design decision is vulnerable to crucial privacy and security breaches, allowing applications (either benign or malicious) to access contacts, photos, and device IDs. Moreover, the dynamic character of iOS apps written in Objective-C renders the currently proposed static analysis tools less useful.

    In this paper, we aim to address the open problem of preventing (not only detecting) privacy leaks and simultaneously strengthening security against runtime attacks on iOS. Compared to similar research work on the open Android, realizing such a system for the closed-source iOS is highly involved.

    We present the design and implementation of PSiOS, a tool that features a novel policy enforcement framework for iOS. It provides fine-grained, application-specific, and user/administrator defined sandboxing for each third-party application without requiring access to the application source code. Our reference implementation deploys control-flow integrity based on the recently proposed MoCFI (Mobile CFI) framework that only protects applications against runtime attacks. We evaluated several popular iOS applications (e.g., Facebook, WhatsApp) to demonstrate the efficiency and effectiveness of PSiOS.

  • Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Sadeghi, Ahmad-Reza: Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication. In: BlackHat Abu Dhabi. 2012. BIB DownloadDetails
  • Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza: XIFER: A Software Diversity Tool Against Code-Reuse Attacks. In: Proc. of 4th ACM International Workshop on Wireless of the Students, by the Students, for the Students (S3). 2012. VolltextBIB DownloadDetails

    The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Runtime attacks seem to be a major threat, in particular, code-reuse attacks that do not require any external code injection (e.g., return-to-libc or return-oriented programming).

    We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER (1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intel x86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.

  • Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza: MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones. In: Proc. of 19th Annual Network & Distributed System Security Symposium (NDSS). 2012. VolltextBIB DownloadDetails

    Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 platform, there is no such a solution for smartphones.

    In this paper, we present a novel framework, MoCFI (Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by enforcing CFI. We show that CFI on typical smartphone platforms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86, as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application’s source code. For our reference implementation we chose Apple’s iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our framework is also applicable to other ARM-based devices such as Google’s Android. Our performance evaluation demonstrates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.

  • Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava: Towards Taming Privilege-Escalation Attacks on Android. In: Proc. of 19th Annual Network & Distributed System Security Symposium (NDSS). 2012. VolltextBIB DownloadDetails

    Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy attacks, there is still no solution that simultaneously addresses collusion attacks.

    In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android’s system behavior (with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover, inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime, dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.

  • Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza: POSTER: Control-Flow Integrity for Smartphones. In: Proc. of 18th ACM Conference on Computer and Communications Security (CCS). 2011. doi:10.1145/2046707.2093484VolltextBIB DownloadDetails

    Despite extensive research over the last two decades, runtime attacks on software are still prevalent. Recently, smartphones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.

    In this poster, we present a general countermeasure against runtime attacks on smartphone platforms. Our approach makes use of control-flow integrity (CFI), and tackles unique challenges of the ARM architecture and smartphone platforms. Our framework and implementation is efficient, since it requires no access to source code, performs CFI enforcement on-the-fly during runtime, and is compatible to memory randomization and code signing/encryption. We chose Apple iPhone for our reference implementation, because it has become an attractive target for runtime attacks. Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.

  • Bugiel, Sven; Davi, Lucas; Schulz, Steffen: Scalable Trust Establishment with Software Reputation. In: Proc. of 6th ACM Workshop on Scalable Trusted Computing (STC). 2011. doi:10.1145/2046582.2046587VolltextBIB DownloadDetails
    Users and administrators are often faced with the choice between different software solutions, sometimes even have to assess the security of complete software systems. With sufficient time and resources, such decisions can be based on extensive testing and review. However, in practice this is often too expensive and time consuming.

    In this paper, we present a pragmatic, but scalable approach for the trustworthiness assessment of software programs based on their security history. The approach can be used to, e.g. automatically sort programs in an App store by their security record or to assess the trustworthiness of complex software systems in remote attestation schemes. Our prototype implementation for the popular Debian GNU/Linux system achieves good prediction accuracy for individual programs as well as entire systems.

  • Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava: POSTER: The Quest for Security against Privilege Escalation Attacks on Android. In: Proc. of 18th ACM Conference on Computer and Communications Security (CCS). 2011. doi:10.1145/2046707.2093482VolltextBIB DownloadDetails

    In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo) aiming at detecting and preventing application-level privilege escalation attacks at runtime.

    In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attacks and attacks by colluding applications (e.g., Soundcomber) at the cost of a small rate of false positives.

  • Davi, Lucas; Dmitrienko, Alexandra; Kowalski, Christoph; Winandy, Marcel: Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones. In: Proc. of 6th ACM Workshop on Scalable Trusted Computing (STC). 2011. doi:10.1145/2046582.2046592VolltextBIB DownloadDetails
    The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns. Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence, data leakage and unwanted information flow may occur.

    In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones, but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.

  • Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Sadeghi, Ahmad-Reza; Shastry, Bhargava: Practical and Lightweight Domain Isolation on Android. In: Proc. of 1st ACM Workshop on Security and Privacy in Mobile Devices (SPSM). 2011. doi:10.1145/2046614.2046624VolltextBIB DownloadDetails

    In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework, TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack: (1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on Inter-Process Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3) allows network data to be only read by a particular domain, or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company’s network.

    Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. Moreover, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device (Nexus One). Our evaluation demonstrates that TrustDroid only adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery’s life-time.

  • Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza: XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks, TR-2011-04. 2011. VolltextBIB DownloadDetails

    Google Android has become a popular mobile operating system which is increasingly deployed by mobile device manufactures for various platforms. Recent attacks show that Android’s permission framework is vulnerable to application-level privilege escalation attacks, i.e., an application may indirectly gain privileges to perform unauthorized actions. The existing proposals for security extensions to Android’s middleware (e.g., Kirin, Saint or TaintDroid) cannot fully and adequately mitigate these attacks or detect Trojans such as Soundminer that exploit covert channels in the Android system.

    In this paper we present the design and implementation of XManDroid (eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy. Our implementation dynamically analyzes applications’ transitive permission usage while inducing a minimal performance overhead unnoticeable for the user. Depending on system policy our system representation allows for an effective detection of (covert) channels established through the Android system services and content providers while simultaneously optimizing the rate of false positives. We evaluate the effectiveness of XManDroid on our test suite that simulates known application-level privilege escalation attacks (including Soundminer), and demonstrate successful detection of attacks that use Android’s inter-component communication (ICC) framework (standard for most attacks). We also preformed a usability test to evaluate the impact of XManDroid on the user-experience with third party applications. Moreover, we analyze sources of false positives and discuss how this rate can be further significantly reduced.

  • Davi, Lucas; Sadeghi, Ahmad-Reza; Winandy, Marcel: ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks. In: Proc. of 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS). 2011. doi:10.1145/1966913.1966920VolltextBIB DownloadDetails

    Modern runtime attacks increasingly make use of the powerful return-oriented programming (ROP) attack techniques and principles such as recent attacks on Apple iPhone and Acrobat products to name some. These attacks even work under the presence of modern memory protection mechanisms such as data execution prevention (DEP). In this paper, we present our tool, ROPdefender, that dynamically detects conventional ROP attacks (that are based on return instructions). In contrast to existing solutions, ROPdefender can be immediately deployed by end-users, since it does not rely on side information (e.g., source code or debugging information) which are rarely provided in practice. Currently, our tool adds a runtime overhead of 2x which is comparable to similar instrumentation-based tools.

  • Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel: Privilege Escalation Attacks on Android. In: Proc. of 13th Information Security Conference (ISC). 2010. doi:10.1007/978-3-642-18178-8_30BIB DownloadDetails

    Android is a modern and popular software platform for smartphones. Among its predominant features is an advanced security model which is based on application-oriented mandatory access control and sandboxing. This allows developers and users to restrict the execution of an application to the privileges it has (mandatorily) assigned at installation time. The exploitation of vulnerabilities in program code is hence believed to be confined within the privilege boundaries of an application’s sandbox. However, in this paper we show that a privilege escalation attack is possible. We show that a genuine application exploited at runtime or a malicious application can escalate granted permissions. Our results immediately imply that Android’s security model cannot deal with a transitive permission usage attack and Android’s sandbox model fails as a last resort against malware and sophisticated runtime attacks.

  • Checkoway, Stephen; Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Shacham, Hovav; Winandy, Marcel: Return-Oriented Programming without Returns. In: Proc. of 17th ACM conference on Computer and Communications Security (CCS). 2010. doi:10.1145/1866307.1866370VolltextBIB DownloadDetails
    We show that on both the x86 and ARM architectures it is possible to mount return-oriented programming attacks without using return instructions. Our attacks instead make use of certain instruction sequences that behave like a return, which occur with sufficient frequency in large libraries on (x86) Linux and (ARM) Android to allow creation of Turing-complete gadget sets.

    Because they do not make use of return instructions, our new attacks have negative implications for several recently proposed classes of defense against return-oriented programming: those that detect the too-frequent use of returns in the instruction stream; those that detect violations of the last-in, first-out invariant normally maintained for the return-address stack; and those that modify compilers to produce code that avoids the return instruction.

  • Davi, Lucas; Sadeghi, Alexandra Dmitrienko Ahmad-Reza; Winandy, Marcel: Return-Oriented Programming without Returns on ARM, HGI-TR-2010-002. 2010. VolltextBIB DownloadDetails

    In this paper we present a novel and general memory-related attack method on ARM-based computing platforms. Our attack deploys the principles of return-oriented programming (ROP), however, in contrast to conventional ROP, it exploits jumps instead of returns, and hence it can not be detected by return address checkers. Although a similar attack has been recently proposed for Intel x86, it was unclear if the attack technique can be deployed to ARM-based computing platforms as well. Developing a jump-based attack on ARM is more involved, because ARM is based on a RSIC architecture which differs in many aspects from Intel's x86 architecture. Nevertheless, we show a Turing-complete attack that can induce arbitrary change of behavior in running programs without requiring code injection. As proof of concept, we instantiate our attack method on the Android platform.

  • Davi, Lucas; Sadeghi, Ahmad-Reza; Winandy, Marcel: ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks, HGI-TR-2010-001. 2010. VolltextBIB DownloadDetails

    Return-oriented programming (ROP) is a technique that enables an adversary to construct malicious programs with the desired behavior by combining short instruction sequences that already reside in the memory space of a program. ROP attacks have already been demonstrated on various processor architectures ranging from PCs to smartphones and special-purpose systems.

    In this paper, we present our tool, ROPdefender, that dynamically detects conventional ROP attacks (that are based on return instructions) with a reasonable runtime overhead of 2x. In contrast to existing solutions, (i) ROPdefender does not rely on side information (e.g., source code or debugging information) and (ii) it instruments all return instructions issued during program execution including all returns from dynamic libraries, even if the adversary subverts the control flow by other means. Moreover, ROPdefender can handle Unix signals, non-local control transfers, C++ exceptions, lazy binding, and can be applied to multi-threaded applications such as Mozilla Firefox or Acrobat Reader. Finally our implementation supports mainstream operating systems (Windows and Linux) for the Intel x86 architecture. As proof of concept we show that ROPdefender successfully detects recent Acrobat Reader exploits on Windows.

  • Davi, Lucas; Sadeghi, Ahmad-Reza; Winandy, Marcel: Dynamic integrity measurement and attestation: Towards defense against return-oriented programming attacks. In: Proc. of 4th ACM Workshop on Scalable Trusted Computing (STC). 2009. doi:10.1145/1655108.1655117VolltextBIB DownloadDetails

    Despite the many efforts made in recent years to mitigate runtime attacks such as stack and heap based buffer overflows, these attacks are still a common security concern in today's computing platforms. Attackers have even found new ways to enforce runtime attacks including use of a technique called return-oriented programming. Trusted Computing provides mechanisms to verify the integrity of all executable content in an operating system. But they only provide integrity at load-time and are not able to prevent or detect runtime attacks. To mitigate return-oriented programming attacks, we propose new runtime integrity monitoring techniques that use tracking instrumentation of program binaries based on taint analysis and dynamic tracing. We also describe how these techniques can be employed in a dynamic integrity measurement architecture (DynIMA). In this way we fill the gap between static load-time and dynamic runtime attestation and, in particular, extend trusted computing techniques to effectively defend against return-oriented programming attacks.

Gutachtertätigkeiten:

Programmkomitee Mitglied

  • CCS 2024 - 31st ACM Conference on Computer and Communications Security (Track: Blockchain and Distributed Systems)
  • WiSec 2024 - 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks
  • EURO SP 2024 - 9th IEEE European Symposium on Security and Privacy
  • USENIX SEC 2024 - 33rd USENIX Security Symposium
  • EURO SP 2023 - 8th IEEE European Symposium on Security and Privacy
  • CCS 2023 - 30th ACM Conference on Computer and Communications Security (Track: Blockchain and Distributed Systems)
  • ASIACCS 2023 - 18th ACM Asia Conference on Computer and Communications Security
  • NDSS 2023 - 30th Network and Distributed System Security Symposium
  • DAC 2022 - 59th Design Automation Conference, Track SEC3. Embedded and Cross-Layer Security
  • PETS 2022 - 22nd Privacy Enhancing Technologies Symposium
  • NDSS 2022 - 29th Network and Distributed System Security Symposium
  • S&P 2022 - 43rd IEEE Symposium on Security and Privacy
  • CCS 2021 - 28th ACM Conference on Computer and Communications Security
  • SecureComm 2021 - 17th EAI International Conference on Security and Privacy in Communication Networks
  • SILM 2021 - 3rd Workshop on the Security of Software/Hardware Interfaces
  • DAC 2021 - 58th Design Automation Conference, Track SEC3. Embedded and Cross-Layer Security
  • USENIX SEC 2021 - 30th USENIX Security Symposium
  • NDSS 2021 - 28th Network and Distributed System Security Symposium
  • PETS 2021 - 21st Privacy Enhancing Technologies Symposium
  • CCS 2020 - 27th ACM Conference on Computer and Communications Security
  • SILM 2020 - 2nd Workshop on the Security of Software/Hardware Interfaces
  • USENIX SEC 2020 - 29th USENIX Security Symposium
  • NDSS 2020 - 27th Network and Distributed System Security Symposium
  • ASIACCS 2020 - 15th ACM Asia Conference on Computer and Communications Security
  • CCS 2019 - 26th ACM Conference on Computer and Communications Security
  • WOOT 2019 - 13th USENIX Workshop on Offensive Technologies
  • ISC 2019 - 22nd Information Security Conference (ISC)
  • ASIACCS 2019 - 14th ACM Asia Conference on Computer and Communications Security
  • WWW 2019 - 30th The Web Conference
  • NDSS 2019 - 26th Network and Distributed System Security Symposium
  • DATE 2019 - 22nd Conference on Design, Automation and Test in Europe (Track A5 Secure Systems, Circuits, and Architectures)
  • CCS 2018 - 25th ACM Conference on Computer and Communications Security
  • RAID 2018 - 21st International Symposium on Research in Attacks, Intrusions and Defenses
  • ISC 2018 - 21st Information Security Conference (ISC)
  • DIMVA 2018 - 15th International Conference on Detection of Intrusions and Malware & Vulnerability Assessment
  • USENIX SEC 2018 - 27th USENIX Security Symposium
  • ASIACCS 2018 - 13th ACM Asia Conference on Computer and Communications Security
  • ROOTS 2017 -  1st Reversing and Offensive-oriented Trends Symposium
  • CARDIS 2017 - 17th Smart Card Research and Advanced Application Conference
  • CCS 2017 - 24th ACM Conference on Computer and Communications Security
  • ACSAC 2017 - 33nd Annual Computer Security Applications Conference
  • CSET 2017 - 10th USENIX Workshop on Cyber Security Experimentation and Test
  • WOOT 2017 - 11th USENIX Workshop on Offensive Technologies
  • EuroSec 2017 - 10th European Workshop on Systems Security
  • DIMVA 2017 - 14th International Conference on Detection of Intrusions and Malware & Vulnerability Assessment
  • MoST 2017 - 6th IEEE Mobile Security Technologies Workshop
  • SEMS 2017 - Workshop on Security for Embedded and Mobile Systems
  • ICDCS 2017 - 37th IEEE International Conference on Distributed Computing Systems
  • ASIACCS 2017 - 12th ACM Asia Conference on Computer and Communications Security
  • SPSM 2016 - 6th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices
  • ACSAC 2016 - 32nd Annual Computer Security Applications Conference
  • RAID 2016 - 19th International Symposium on Research in Attacks, Intrusions and Defenses
  • DIMVA 2016 - 13th International Conference on Detection of Intrusions and Malware & Vulnerability Assessment
  • EuroSec 2016 - 9th European Workshop on Systems Security
  • ICDCS 2016 - 36th IEEE International Conference on Distributed Computing Systems
  • ACNS 2016 - 14th International Conference on Applied Cryptography and Network Security
  • TrustED 2015 - 5th International Workshop on Trustworthy Embedded Devices
  • WOOT 2015 - 9th USENIX Workshop on Offensive Technologies
  • RAID 2015 - 18th International Symposium on Research in Attacks, Intrusions and Defenses
  • AReS - International Conference on Availability, Reliability and Security, 2012 - 2014

Editorial Board

  • TOPS - ACM Transactions on Privacy and Security

Poster/Demo (Co-)Chair

  • ASIACCS 2017 - 12th ACM Asia Conference on Computer and Communications Security

Vorträge:

Filter:
  • Davi, Lucas: Smart Contract Attacks and Defenses, Distinguished Cybersecurity Lecture Series, 19.01.2022, Ohio State University. Details

    Smart contracts are computer programs that execute on the blockchain, receive and send transactions, and maintain a balance of cryptocurrency. In the recent past, we have witnessed a variety of attacks against smart contracts with cryptocurrency loses up to 50 million US Dollars. These attacks were possible due to errors in the smart contract logic. In this talk we investigate dynamic analysis approaches to secure smart contracts and discuss patching and hardening strategies.


    Smart contracts are computer programs that execute on the blockchain, receive and send transactions, and maintain a balance of cryptocurrency. In the recent past, we have witnessed a variety of attacks against smart contracts with cryptocurrency loses up to 50 million US Dollars. These attacks were possible due to errors in the smart contract logic. In this talk we investigate dynamic analysis approaches to secure smart contracts and discuss patching and hardening strategies.

  • Davi, Lucas: How Secure are Trusted Execution Environments? Finding and Exploiting Memory Corruption Errors in Enclave Code, OpenS3 Workshop on Building Intelligent Trustworthy Computing Systems: Challenges and Opportunities, 04.11.2021, Darmstadt (Virtual). Details
  • Davi, Lucas: Finding and Exploiting Bugs in Intel SGX Enclaves, Cybersecurity Seminar Series, Texas A&M Cybersecurity Center, 11.11.2020, . Details

    Trusted execution environments such as Intel Software Guard Extensions (SGX) enforce strong isolation of security-critical code and data. While previous work has focused on side-channel attacks, this talk will investigate memory corruption attacks such as return-oriented programming in the context of SGX. We will demonstrate how an attacker can exploit the Intel SDK libraries to compromise enclaves and steal secret information. In addition, we will investigate the host-to-enclave boundary and its susceptibility to memory corruption attacks and how we can develop analysis approaches to detect vulnerable enclave code.

    Presentation video available here

  • Davi, Lucas: Memory Corruption Attacks Against Intel SGX - Invited Talk, DC-Area Anonymity, Privacy, and Security Seminar, 05.12.2019, Washington D.C., USA. Details

    The Intel Software Guard Extensions (SGX) technology allows an application developer to isolate security-critical code and data inside a protected memory area called enclave. While most research has studied side-channel attacks against SGX this talk will investigate memory corruption attacks such as return-oriented programming in the context of SGX. We will demonstrate how an attacker can exploit the Intel SDK libraries to compromise enclaves and steal secret information. In addition we will investigate the host-to-enclave boundary and its susceptibility to memory corruption attacks.

    Seminar Homepage: dcaps.info/2019-12-05.html


    The Intel Software Guard Extensions (SGX) technology allows an application developer to isolate security-critical code and data inside a protected memory area called enclave. While most research has studied side-channel attacks against SGX this talk will investigate memory corruption attacks such as return-oriented programming in the context of SGX. We will demonstrate how an attacker can exploit the Intel SDK libraries to compromise enclaves and steal secret information. In addition we will investigate the host-to-enclave boundary and its susceptibility to memory corruption attacks.

    Seminar Homepage: dcaps.info/2019-12-05.html

  • Davi, Lucas: Memory Corruption Attacks in the Context of Trusted Execution Environments - Invited Talk, SILM seminar on the Security of Software/Hardware Interfaces, 08.11.2019, INRIA, Rennes, France. Details

    ARM TrustZone and Intel Software Guard Extensions (SGX) offer hardware-assisted trusted execution environments (TEEs) to enable strong isolation of security-critical code and data. They also allow systems to perform remote attestation, where a device challenges another device to report its current state. In this talk, we elaborate on remote attestation schemes that do not only attest static properties, but also cover run-time control-flow behavior of applications based on ARM TrustZone. While TEEs enable secure attestation of control-flow behavior, memory corruption attacks (e.g., return-oriented programming) inside TEEs can undermine remote attestation schemes. This talk will elaborate on memory corruption attacks for the use-case of SGX and how we can develop analysis approaches to detect vulnerable TEE code.

    Presentation Video: https://videos-rennes.inria.fr/video/BksfYbigI 

  • Davi, Lucas: Risky Contracts: Breaking and Fixing Smart Contracts, AMSEC Workshop on System Security, 25.10.2019, Amsterdam. Details

    Smart contracts are computer programs that execute on the blockchain, receive and send transactions, and maintain a balance of cryptocurrency. In the recent past, we have witnessed a variety of attacks against smart contracts with cryptocurrency loses up to 50 million US Dollars. These attacks were possible due to errors in the smart contract logic. To tackle such attacks, a large number of mitigation technologies have been proposed. In this talk, we provide an overview of static and dynamic analysis techniques to tackle smart contract errors.

  • Davi, Lucas: From Control-Flow to Data-Oriented Exploits, CROSSING Summer School on Sustainable Security & Privacy, 13.09.2019, Darmstadt, Germany. Details
  • Davi, Lucas: Exploiting Software Errors: From Control-Flow to Data-Oriented Exploits, International Summer School on System Security (S3), 04.09.2019, University of Padua, Italy. Details
  • Arora, Organizers: Divya; Polian, Ilia; Regazzoni, Francesco; Schaumont, Patrick: Secure Composition for Hardware Systems, Dagstuhl Seminar, Event 19301, 22.07.2019, Dagstuhl, Germany. Details
  • Davi, Lucas: Your Contract is at Risk: Towards Secure Execution of Smart Contracts, Informatik-Kolloquium, 15.07.2019, Julius-Maximilians-Universität (JMU), Würzburg, Germany. Details
  • Davi, Lucas: Hardware-Assisted Application Security and Attacks, Huawei Security Technology SAB Summit, 11.07.2019, Munich, Germany. Details
  • Davi, Lucas; Sadeghi, Ahmad-Reza: Memory Corruption Attacks and Defenses in the Context of Real-World Crypto - Tutorial, Summer School on real-world crypto and privacy, 20.06.2019, Sibenik, Croatia. Details

    Software attacks exploit vulnerabilities in programs to trigger malicious operations and steal sensitive data. In this context, memory corruption attacks play a vital role as they allow an attacker to perform arbitrary reads and writes to main memory. While traditional attacks required the attacker to directly inject malicious code into the memory space of an application, modern attacks either only induce malicious execution by means of a combination of existing code (return-oriented programming) or only manipulate variables without violating the program’s control flow (data-oriented exploits). For the case of real-world crypto schemes, these attacks are capable of stealing and altering cryptographic material.

    In this tutorial, we provide an overview of the state-of-the-art memory exploitation techniques and defenses. We start with the main principles of memory exploitation covering stack smashing, return-oriented programming, and data-oriented programming. Next, we present modern defense techniques such as control-flow integrity and memory randomization.

    In the second part of this tutorial, we continue with a hands-on lab where attendees will have the opportunity to construct proof-of-concept memory exploits that undermine cryptographic schemes deployed by the target application.

    More information on the summer school here


    Software attacks exploit vulnerabilities in programs to trigger malicious operations and steal sensitive data. In this context, memory corruption attacks play a vital role as they allow an attacker to perform arbitrary reads and writes to main memory. While traditional attacks required the attacker to directly inject malicious code into the memory space of an application, modern attacks either only induce malicious execution by means of a combination of existing code (return-oriented programming) or only manipulate variables without violating the program’s control flow (data-oriented exploits). For the case of real-world crypto schemes, these attacks are capable of stealing and altering cryptographic material.

    In this tutorial, we provide an overview of the state-of-the-art memory exploitation techniques and defenses. We start with the main principles of memory exploitation covering stack smashing, return-oriented programming, and data-oriented programming. Next, we present modern defense techniques such as control-flow integrity and memory randomization.

    In the second part of this tutorial, we continue with a hands-on lab where attendees will have the opportunity to construct proof-of-concept memory exploits that undermine cryptographic schemes deployed by the target application.

    More information on the summer school here

  • Davi, Lucas: Protecting the Immutable: Can We Prevent Re-Entrancy Attacks Against Deployed Smart Contracts? - Lecture, Lecture Series in Distributed Ledgers and Smart Contracts, 05.04.2019, Darmstadt, Germany. Details
  • Davi, Lucas: Sereum - Protecting Existing Smart Contracts Against Re-Entrancy Attacks - Invited Talk, CODE Colloquium 2019, 13.03.2019, Universität der Bundeswehr München. Details

    Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Although the literature features a number of proposals for securing smart contracts, these proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. In this talk, we present Sereum (Secure Ethereum) which protects deployed contracts in a backwards compatible way based on run-time monitoring and validation. We also study new re-entrancy attack patterns that have been overlooked by previous on smart contract bug detection.


    Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Although the literature features a number of proposals for securing smart contracts, these proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. In this talk, we present Sereum (Secure Ethereum) which protects deployed contracts in a backwards compatible way based on run-time monitoring and validation. We also study new re-entrancy attack patterns that have been overlooked by previous on smart contract bug detection.

  • Davi, Lucas: Protecting Existing Smart Contracts Against Attacks - Invited Talk, CYSMICS Picks Workshop, 28.02.2019, UC San Diego, CA, USA. Details

    Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Existing proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. We address this problem and develop a novel smart contract security technology, called Sereum (Secure Ethereum), which protects existing, deployed contracts in a backwards compatible way based on run-time monitoring and validation. By means of implementation and evaluation using the Ethereum blockchain, we show that Sereum covers the actual execution flow of a smart contract to accurately detect and prevent re-entrancy attacks with a low false positive rate and negligible run-time overhead.


    Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Existing proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. We address this problem and develop a novel smart contract security technology, called Sereum (Secure Ethereum), which protects existing, deployed contracts in a backwards compatible way based on run-time monitoring and validation. By means of implementation and evaluation using the Ethereum blockchain, we show that Sereum covers the actual execution flow of a smart contract to accurately detect and prevent re-entrancy attacks with a low false positive rate and negligible run-time overhead.

  • Davi, Lucas: Sereum: Laufzeitschutz für Smart Contracts gegen Re-Entrancy Angriffe, Future-Camp "Blockchain in der Energiewirtschaft", 18.02.2019, Essen. Details
  • Davi, Lucas: Laufzeitschutz für Smart Contracts gegen Re-Entrancy Angriffe, CampusLab - Barmenia-Ringvorlesung, 12.12.2018, Essen. Details

    Blockchain-basierte Systeme wie Ethereum erlauben das Ausführen von Programmen, sogenannten Smart Contracts, auf der Blockchain. Smart Contracts sind dabei in der Lage Kryptowährungen zu besitzen und autonom zu transferieren. Damit werden Smart Contracts ein attraktives Ziel für Cyberkriminelle. Neue Angriffstechniken wie beispielsweise die sogenannten Re-Entrancy Angriffe erlauben es Angreifern große Mengen an Kryptowährungen zu stehlen. So wurden im berüchtigten DAO Angriff Kryptowährung im Umfang von circa 50 Millionen US-Dollar abgegriffen. Existierende Schutzmechanismen beruhen darauf Entwickler mittels statische Programmanalysewerkzeugen vorab vor sicherheitsanfälligen Programmcode zu warnen. Allerdings können einmal veröffentlichte Smart Contracts nur mit sehr viel Aufwand aktualisiert werden. In diesem Vortrag beschreiben wir einen neuen Forschungsansatz, um existierende, bereits veröffentlichte Smart Contracts vor Re-Entrancy Angriffen zu schützen. Dabei gehen wir auch auf neuartige Angriffstechniken ein, die von existierenden statischen Programmanalysewerkzeugen nur unzureichend abgedeckt werden.

  • Davi, Lucas: Verwundbare IT-Systeme: Moderne Angriffstechniken zum Ausnutzen von Software Sicherheitslücken, Lehrerfortbildung Informatik 2018, 15.11.2018, Essen. Details

    Cybersicherheit, Cyberspionage, Wahlmaschinen-Hacks, Exploits sind Begriffe mit denen wir immer häufiger in den Nachrichten konfrontiert werden. Der Aufbruch ins digitale Zeitalter, das Wachstum des Internets und die Vernetzung kleiner Mikro-Computer zum Internet der Dinge bringen neue und hohe Herausforderungen an die Cybersicherheit mit sich. Insbesondere steigt die Zahl der Angriffe auf Computer und Smartphones rapide an und betrifft zunehmend kritische Infrastrukturen wie Stromnetze, Industrieanlagen und sicherheitskritische Technologien wie das autonome Fahren. In diesem Vortrag wollen wir einen Blick auf die Angriffstechniken werfen, die Hacker dazu verwenden, um Kontrolle über Software zu gewinnen. Dabei werden wir moderne Angriffstechniken betrachten, die es einem Angreifer erlauben ein Computersystem zu manipulieren ohne bösartigen Programmcode einzuschleusen. Ferner diskutieren wir Hardwarebasierte Angriffe, die Sicherheitsmechanismen in Software auf clevere Weise aushebeln.

  • Davi, Lucas: Return and Re-Enter: Modern Software Attack Techniques and Defenses - Invited Talk, Cybersecurity Speaker Series at Northeastern University, 31.10.2018, Boston, USA. Details

    Software attacks exploit vulnerabilities in programs to trigger malicious operations and steal sensitive data. While existing attacks have mainly focused on classic desktop PCs and mobile systems, they are increasingly applied to modern software systems such as smart contracts. In this talk, we investigate two prevalent software attack techniques, namely return-oriented programming and re-entrancy attacks. The former attack technique leverages a malicious combination of benign code sequences to compromise web browsers and document viewers, whereas the latter exploits state inconsistencies to drain money out of a smart contract. For both, we discuss their evolution and investigate the challenges when building defenses against these attacks. 

  • Davi, Lucas: Return-Oriented Programming Angriffe auf Browser , ECSM - European Cyber Security Month, 11.10.2018, Essen. Details

    Zero-Day Exploits nutzen Programmierfehler aus, um beliebiges Schadverhalten auf einem Computersystem zu verursachen. Moderne Angriffe gegen Web-Browser benutzen dabei eine ausgeklügelte Technik, die sich Return-Oriented Programming (ROP) nennt. Im Gegensatz zu klassischen Angriffstechniken, können ROP Angriffe allein über das Zusammensetzen von vorhandenen, gutartigen Browser-Code Schadverhalten erzeugen. Weil hierbei kein neuer Schadcode explizit eingeschleust wird, umgehen ROP Angriffe weit verbreitete Abwehrmechanismen. In diesem Vortrag werden wir die ROP Angriffstechnik einführen und deren Anwendung auf Web-Browser erläutern. Ferner werden wir besprechen welche Abwehrmethoden eingesetzt werden können, um sich gegen diese Angriffe zu schützen.

    Video Mitschnitt und Folien stehen auf der ECSM Seite zum Download bereit

  • Davi, Lucas: Memory Corruption Attacks Against Intel SGX Shielded Software - Invited Talk, CASES: Special Session - Towards Secure Computer Architecture: Understanding Security Vulnerabilities and Emerging Attacks for Better Defenses, 03.10.2018, Torino. Details

    Intel Software Guard Extensions (SGX) is a recent hardware-based trusted execution environment that provides strong isolation of security-critical code and data by allocating them in dedicated, encrypted memory regions called enclaves. Until today, the threat of memory corruption attacks such as return-oriented programming and its impact on SGX protected program code and data is not yet well understood. In this talk, we provide an in-depth investigation of the Intel SGX internals regarding how untrusted host applications interact with trusted enclaves. Based on this analysis, we present novel memory corruption techniques allowing an attacker to undermine SGX to steal private information or bypass remote attestation protocols.


    Intel Software Guard Extensions (SGX) is a recent hardware-based trusted execution environment that provides strong isolation of security-critical code and data by allocating them in dedicated, encrypted memory regions called enclaves. Until today, the threat of memory corruption attacks such as return-oriented programming and its impact on SGX protected program code and data is not yet well understood. In this talk, we provide an in-depth investigation of the Intel SGX internals regarding how untrusted host applications interact with trusted enclaves. Based on this analysis, we present novel memory corruption techniques allowing an attacker to undermine SGX to steal private information or bypass remote attestation protocols.

  • Davi, Lucas: How to Bypass Memory Protection: Evolution of Return-Oriented Programming and Rowhammer Attacks - Invited Talk, Seminar at Università degli Studi di Padova, 05.10.2017, Padova, Italy. Details

    Memory corruption attacks such as return-oriented programming are a powerful exploitation technique to compromise software on a wide range of architectures. These attacks generate malicious computation based on existing code (so-called gadgets) residing in linked libraries. Both academia and industry have recently proposed defense techniques to mitigate return-oriented programming attacks. However, a continuous arms race has evolved between attacks and defenses. In this talk, we will elaborate on the evolution of memory corruption attacks. In particular, we explore prominent defense techniques such as control-flow integrity (CFI) enforcement, code randomization, and remote attestation. In addition, we investigate memory corruption attacks that exploit hardware faults to induce dangerous bit flips in memory. These attacks undermine memory access control mechanisms without requiring any software vulnerability. Specifically, we elaborate on the evolution of Rowhammer attacks and defenses.

  • Davi, Lucas: Protecting IoT Devices against Software Exploits - Invited Talk, ITG FA 5.2 Workshop on Smart Cities, 28.09.2017, Lübeck, Germany. Details
    Exploiting software vulnerabilities on IoT devices is becoming increasingly prevalent. These exploits corrupt program state information maintained in application memory to induce unauthorized program actions. In particular, return-oriented programming attacks allow an attacker to hijack IoT devices without requiring injection of malicious code. In this talk, we elaborate on the different classes of software exploitation techniques in the IoT space and present recent research on control-flow attestation and control-flow integrity to detect and prevent these attacks.
  • Davi, Lucas: Cybersicherheit - Wie Hacker die Kontrolle über Software übernehmen, MNU-Herbsttagung 2017, 05.09.2017, TU Dortmund, Germany. Details

    Cybersicherheit, Cyberspionage, Wahlmaschinen-Hacks, Exploits, Computerviren sind Begriffe mit denen wir immer häufiger in den Nachrichten konfrontiert werden. Der Aufbruch ins digitale Zeitalter, das Wachstum des Internets und die Vernetzung kleiner Mikro-Computer zum „Internet der Dinge“ haben neue und hohe Herausforderungen an die Cybersicherheit mit sich gebracht. Insbesondere steigt die Zahl der Cyberangriffe auf Computer und Smartphones rapide an und betrifft zunehmend kritische Infrastrukturen wie Stromnetze, Industrieanlagen und sicherheitskritische Technologien wie das autonome Fahren. In diesem Vortrag wollen wir uns Angriffstechniken ansehen, die Hacker dazu verwenden, um Kontrolle über Software gewinnen können. Dabei werden wir Angriffstechniken betrachten, wie ein Angreifer ein Computersystem manipulieren kann ohne ein bösartiges Programm einzuschleusen.

  • Davi, Lucas: Can Systems ever be Protected against Run-time Attacks? - Invited Talk, Technology Workshop on Embedded and IoT Security, 17.05.2017, Darmstadt. Details
  • Davi, Lucas: Dangerous Bit Flips in Memory: Rowhammer Attacks and Defenses - Keynote, CROSSING Conference 2017 - From Tweets to Quantum, 16.05.2017, Darmstadt. Details
  • Davi, Lucas: Cybersicherheit - Wie Hacker die Kontrolle über Software übernehmen, “Informatik macht Innovation” - Tag der Informatik, 21.03.2017, Essen, Germany. Details

    Cybersicherheit, Cyberespionage, Wahlmaschinen-Hacks, Exploits, Computerviren sind Begriffe mit denen wir immer häufiger in den Nachrichten konfrontiert werden. Der Aufbruch ins digitale Zeitalter, das Wachstum des Internets und die Vernetzung kleiner Mikro-Computer zum „Internet der Dinge“ haben neue und hohe Herausforderungen an die Cybersicherheit mit sich gebracht. Insbesondere steigt die Zahl der Cyberangriffe auf Computer und Smartphones rapide an und betrifft zunehmend kritische Infrastrukturen wie Stromnetze, Industrieanlagen und sicherheitskritische Technologien wie das autonome Fahren. In diesem Vortrag wollen wir uns Angriffstechniken ansehen, die Hacker dazu verwenden, um Kontrolle über Software wie zum Beispiel dem Internet Explorer und Microsoft Word gewinnen können. Dabei werden wir uns anschauen wie ein Angreifer ein Computersystem manipulieren kann ohne ein bösartiges Programm einzuschleusen.



  • Davi, Lucas: Mitigating Software Exploits on Embedded Systems - Invited Talk, NEC Europe Ltd., NEC Laboratories Europe, 15.03.2017, Heidelberg. Details

    Attacks targeting software on embedded systems are becoming increasingly prevalent. In particular, software exploits based on return-oriented programming are challenging to prevent as they perform malicious operations without requiring the attacker to inject any malicious code. Both academia and industry have recently proposed defense techniques to mitigate these attacks. However, a continuous arms race has evolved between new attacks and improved defenses. In this talk, we elaborate on the different classes of software exploits and present recent research on mitigation technologies such as control-flow integrity and attestation targeting embedded systems software.

  • Davi, Lucas: Code-Reuse Attacks and Defenses - Lecture, Winter School on Binary Analysis, 22.02.2017, Bochum, Germany. Details
  • Davi, Lucas: Control-Flow Attestation of Embedded Systems Software - Invited Talk, Workshop on Hardware Enhancements for Secure Embedded Systems (HESES), 25.01.2017, Stockholm, Sweden. Details

    Control-flow attacks targeting software on embedded systems are becoming increasingly prevalent. In particular, return-oriented programming attacks exploit software vulnerabilities of embedded software to induce malicious program actions without requiring the attacker to inject any malicious code. Remote attestation is a mechanism that allows establishing trust in embedded devices. Unfortunately, most existing attestation schemes are static. That is, they only report the state of the software that was initially loaded thereby missing detection of control-flow attacks. In this talk, we elaborate on the different classes of control-flow attacks and present recent research on control-flow attestation for embedded systems software to detect these attacks. We discuss the application of control-flow attestation in the context of cyber-physical applications such as an open syringe pump. Lastly, we elaborate on open challenges and hardware support for control-flow attestation.

  • Davi, Lucas: Protecting Mobile and Embedded Systems Software from Runtime Exploits - Invited Talk, Workshop on Privacy-Aware Mobile Computing (PAMCO), 05.07.2016, Paderborn, Germany. Details
  • Davi, Lucas: The Continuing Arms Race: A Journey in the World of Runtime Exploits and Defenses - Tutorial, 53rd Design Automation Conference (DAC), 05.06.2016, Austin, TX, USA. Details
  • Davi, Lucas: On Securing Legacy Software Against Code-Reuse Attacks - Invited Talk, RuhrSec, 29.04.2016, Bochum, Germany. Details

    Code-Reuse attacks such as return-oriented programming constitute a powerful exploitation  technique that is frequently leveraged to compromise software on a wide range of architectures. These attacks generate malicious computation based on existing code (so-called gadgets) residing in linked  libraries. Both academia and industry have recently proposed defense techniques to mitigate code-reuse attacks. However, a continuous arms race has evolved between attacks and defenses. In this talk, we  will elaborate on the evolution of code-reuse attacks. In particular, we explore prominent defense  techniques that are based on control-flow integrity (CFI) enforcement and code randomization. Further, we discuss promising research directions such as hardware-assisted defenses and protection against  these attacks at the kernel layer.


    Code-Reuse attacks such as return-oriented programming constitute a powerful exploitation  technique that is frequently leveraged to compromise software on a wide range of architectures. These attacks generate malicious computation based on existing code (so-called gadgets) residing in linked  libraries. Both academia and industry have recently proposed defense techniques to mitigate code-reuse attacks. However, a continuous arms race has evolved between attacks and defenses. In this talk, we  will elaborate on the evolution of code-reuse attacks. In particular, we explore prominent defense  techniques that are based on control-flow integrity (CFI) enforcement and code randomization. Further, we discuss promising research directions such as hardware-assisted defenses and protection against  these attacks at the kernel layer.

  • Davi, Lucas: The Continuing Arms Race in Memory: Return-Oriented Programming Attacks and Defenses - Invited Talk, Computer Science Forum (CS Forum) at Aalto University, 21.04.2016, Helsinki, Finland. Details

    Code-reuse attacks such as return-oriented programming constitute a powerful zero-day exploitation technique that is frequently leveraged to compromise software on a wide range of architectures. These attacks generate malicious computation based on existing code (so-called gadgets) residing in linked libraries. The good news is that both academia and industry have proposed defense techniques to mitigate code-reuse attacks. On the other hand, a continuous arms race has evolved between attacks and defenses. In this talk, we will elaborate on the evolution of code-reuse attacks. In particular, we explore two prominent defense techniques: control-flow integrity (CFI) and code randomization. We demonstrate that existing defenses, including Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), can be bypassed with advanced code-reuse attack techniques. Further, we discuss promising research directions such as hardware-assisted defenses, attestation of a program’s control flows, and protection against these attacks at the kernel layer.


    Code-reuse attacks such as return-oriented programming constitute a powerful zero-day exploitation technique that is frequently leveraged to compromise software on a wide range of architectures. These attacks generate malicious computation based on existing code (so-called gadgets) residing in linked libraries. The good news is that both academia and industry have proposed defense techniques to mitigate code-reuse attacks. On the other hand, a continuous arms race has evolved between attacks and defenses. In this talk, we will elaborate on the evolution of code-reuse attacks. In particular, we explore two prominent defense techniques: control-flow integrity (CFI) and code randomization. We demonstrate that existing defenses, including Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), can be bypassed with advanced code-reuse attack techniques. Further, we discuss promising research directions such as hardware-assisted defenses, attestation of a program’s control flows, and protection against these attacks at the kernel layer.

  • Lucas Davi, Christopher Liebchen: The Beast in Your Memory: Modern Exploitation Techniques and Defenses - Tutorial, Embedded Systems Week (ESWEEK), 04.10.2015, Amsterdam, Netherlands. Details

    Memory corruption attacks belong to the most-widely deployed attacks since almost three decades. These attacks have been already applied in the first famous Internet worm (the Morris worm in 1988). Today, they are used to compromise web browsers, launch iOS jailbreaks, and partially in zero day issues exploited in large-scale cyberattacks such as Stuxnet and Duqu. In particular, code-reuse techniques such as return-oriented programming undermine the security model of non-executable memory (the No-Execute Bit) and memory randomization. Defending against these attacks is a hot topic of research. In this tutorial, the attendees will be introduced to the state-of-the-art memory exploitation techniques and defenses. We give an overview of the main principles of memory exploitation covering stack smashing, return-into-libc, and return-oriented programming. We also elaborate on modern defenses such as control-flow integrity and memory randomization. In a hands-on lab, the attendees will construct proof-ofconcept exploits targeting mobile platforms (based on ARM).


    Memory corruption attacks belong to the most-widely deployed attacks since almost three decades. These attacks have been already applied in the first famous Internet worm (the Morris worm in 1988). Today, they are used to compromise web browsers, launch iOS jailbreaks, and partially in zero day issues exploited in large-scale cyberattacks such as Stuxnet and Duqu. In particular, code-reuse techniques such as return-oriented programming undermine the security model of non-executable memory (the No-Execute Bit) and memory randomization. Defending against these attacks is a hot topic of research. In this tutorial, the attendees will be introduced to the state-of-the-art memory exploitation techniques and defenses. We give an overview of the main principles of memory exploitation covering stack smashing, return-into-libc, and return-oriented programming. We also elaborate on modern defenses such as control-flow integrity and memory randomization. In a hands-on lab, the attendees will construct proof-ofconcept exploits targeting mobile platforms (based on ARM).

  • Lucas Davi, Ahmad-Reza Sadeghi: Modern Runtime Exploitation Techniques and Defenses - Lecture, Summer School on Secure and Trustworthy Computing, 24.09.2015, Bucharest, Romania. Details

    Memory corruption attacks exploit program bugs in modern software programs to compromise computing platforms. Although these attacks are known for several decades, they still pose a severe threat today’s software programs. These attacks can be applied to a variety of architectures starting from Desktop PCs and mobile devices to tiny embedded devices employed in sensors. In particular, code-reuse attacks such as return-oriented programming have significantly raised the sophistication of memory corruption attacks since they induce malicious actions based on only existing benign code. Fortunately, the security community including industrial efforts by Google and Microsoft have recently introduced a variety of defenses. On the other hand, attackers quickly adapted and proposed new attack techniques leading to a continuing arms race. In this lecture, we will provide an overview on state-of-the-art exploitation techniques and defenses against these attacks. In addition, the students will learn the practical concepts of runtime exploitation based on a hands-on lab


    Memory corruption attacks exploit program bugs in modern software programs to compromise computing platforms. Although these attacks are known for several decades, they still pose a severe threat today’s software programs. These attacks can be applied to a variety of architectures starting from Desktop PCs and mobile devices to tiny embedded devices employed in sensors. In particular, code-reuse attacks such as return-oriented programming have significantly raised the sophistication of memory corruption attacks since they induce malicious actions based on only existing benign code. Fortunately, the security community including industrial efforts by Google and Microsoft have recently introduced a variety of defenses. On the other hand, attackers quickly adapted and proposed new attack techniques leading to a continuing arms race. In this lecture, we will provide an overview on state-of-the-art exploitation techniques and defenses against these attacks. In addition, the students will learn the practical concepts of runtime exploitation based on a hands-on lab

  • Erlingsson, Organizers: U.; Holz, T.; Larsen, P.; Sadeghi, A. - R: The Continuing Arms Race: Code-Reuse Attacks and Defenses, Dagstuhl Seminar, Event 15294, 15.07.2015, Dagstuhl, Germany. Details

    Code reuse attacks pose a severe threat to modern software, silently breaching and infecting various systems ranging from desktop PCs to mobile and embedded systems. They can bypass many deployed defenses including data execution prevention and memory randomization (ASLR). The design and development of practical and effective defenses against code reuse attacks is extremely challenging and has recently become a hot research topic. Code-reuse with its most prominent instantiation return-oriented programming (ROP) may seem like a solved problem given the high scores of papers on possible defenses recently published on established security conferences. Unfortunately, many proposed defenses make assumptions that a sufficiently determined and resourced attacker can skirt, or require system changes that are highly challenging to transfer into practice; and frequently both.

    This seminar will bring together researchers and practitioners to analyze the state-of-the-art in code reuse attacks and mitigations, to devise improved approaches, and to establish a roadmap for future research and practice.

    https://www.dagstuhl.de/15294

  • Davi, Lucas: Modern Runtime Attacks and Defenses - Lecture, International Summer School on Smart & Mobile Device Security and Privacy (SMDSP), 03.09.2014, Padova, Italy. Details
  • Davi, Lucas: The Beast is Resting in Your Memory - Invited Talk, Intel Workshop on Cyberphysical and Mobile Security, 10.06.2014, Darmstadt, Germany. Details
  • Kevin Snow, Lucas Davi: Just-In-Time Code Reuse: The more things change, the more they stay the same, Black Hat USA, 31.07.2013, Las Vegas, USA. Details

    Recorded Talk available on YouTube

    Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this presentation, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, which both undermines the benefits of fine-grained ASLR and greatly enhances the ease of exploit development on today's platforms that combine standard ASLR and DEP (e.g. Windows 8). Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application's memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets-- all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, show its effectiveness in Windows 8, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.


    Recorded Talk available on YouTube

    Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this presentation, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, which both undermines the benefits of fine-grained ASLR and greatly enhances the ease of exploit development on today's platforms that combine standard ASLR and DEP (e.g. Windows 8). Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application's memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets-- all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, show its effectiveness in Windows 8, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.

  • Davi, Lucas: Return-oriented Programming: How to Perform Arbitrary Computation Without Code Injection - Lecture, 5th European Trusted Infrastructure Summer School (ETISS), 09.09.2010, Royal Holloway University of London, GB. Details

    Runtime attacks on software aim at subverting the control-flow of an application by redirecting execution to injected malicious code. Trusted Computing technologies such as IBM's integrity measurement architecture (IMA) cannot prevent such attacks, because they mainly ensure the load-time integrity of applications. Many runtime attacks, however, are based on corrupting functions' return addresses so that the affected function does not return to its original caller, but to the adversary's injected code.

    On the other hand, new attacks induce malicious behavior by only using existing code of linked libraries instead of injecting codes (particularly because the recently proposed memory protection mechanisms prevent the execution of injected code). These attacks are generally referred to as "return-oriented" attacks, since they return to code of already linked libraries. A particular powerful attack of this category are based on "return-oriented programming (ROP)". They combine various small instruction sequences of different functions to constitute arbitrary program behavior. The attack method has shown to be Turing-complete and has been deployed to a broad range of architectures: Intel x86, SPARC, Atmel AVR, ARM, etc. In this lecture we provide an overview on ROP for different hardware architectures and present recently available exploits which are built upon the principles of ROP. Finally, we will discuss possible countermeasures.


    Runtime attacks on software aim at subverting the control-flow of an application by redirecting execution to injected malicious code. Trusted Computing technologies such as IBM's integrity measurement architecture (IMA) cannot prevent such attacks, because they mainly ensure the load-time integrity of applications. Many runtime attacks, however, are based on corrupting functions' return addresses so that the affected function does not return to its original caller, but to the adversary's injected code.

    On the other hand, new attacks induce malicious behavior by only using existing code of linked libraries instead of injecting codes (particularly because the recently proposed memory protection mechanisms prevent the execution of injected code). These attacks are generally referred to as "return-oriented" attacks, since they return to code of already linked libraries. A particular powerful attack of this category are based on "return-oriented programming (ROP)". They combine various small instruction sequences of different functions to constitute arbitrary program behavior. The attack method has shown to be Turing-complete and has been deployed to a broad range of architectures: Intel x86, SPARC, Atmel AVR, ARM, etc. In this lecture we provide an overview on ROP for different hardware architectures and present recently available exploits which are built upon the principles of ROP. Finally, we will discuss possible countermeasures.

Weitere Funktionen:

    Publications (Co-)Chair

    • PAC 2017 - 1st IEEE Symposium on Privacy-Aware Computing
    • SPSM 2013 - 3rd ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices

    Student Travel Grants Komitee

    • NDSS 2019 - 26th Network and Distributed System Security Symposium

    Lokales Organisationskomitee Mitglied

    • CCS 2013 - 20th ACM Conference on Computer and Communications Security
    • ETISS 2011 - 6th European Trusted Infrastructure Summer School