University of Cambridge > Talks.cam > Microsoft Research Cambridge, public talks > The Difficulty of Preventing Code Reuse Attacks

The Difficulty of Preventing Code Reuse Attacks

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Microsoft Research Cambridge Talks Admins.

This event may be recorded and made available internally or externally via http://research.microsoft.com. Microsoft will own the copyright of any recordings made. If you do not wish to have your image/voice recorded please consider this before attending

In this talk, I will give a brief introduction to code reuse attacks – e.g., return-oriented programming – and give an overview on recent developments in defenses; including academic proposal as well as actually deployed ones such as EMET and CFG .

I will present my own work on two advanced attack techniques dubbed “Branch History Flushing” (RAID 2014) and “Counterfeit Object-oriented Programming” (short COOP ; in submission). COOP abuses common artifacts in binary C++ code and breaks with long-held assumptions on the nature of code reuse attacks. Consequently, it bypasses a wide range of existing defenses including the recently proposed “Code-Pointer Separation” (practical “Code-Pointer Integrity”; OSDI 2014 ) and Windows 10’s CFG . I will discuss in particular why currently no strong defense against COOP exists that does not require access to a software’s source code and why designing a strong binary-only defense will be challenging.

The main takeaway should be that many of today’s defenses are built on improper assumptions and that even supposedly small “wiggle room” for an attacker can still lead to full system compromise.

This talk is part of the Microsoft Research Cambridge, public talks series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2024 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity