
On the power of techniques for defeating code reuse attacks + some retrospective reflection on the DARPA CRASH program


If you have a question about this talk, please contact Laurent Simon.

Abstract: Code reuse attacks (Return Oriented Programming, etc.) have become one of the key tools in the arsenal of attackers who are trying to subvert remote systems through technical means. A new defensive technique, called Code Pointer Integrity, or CPI, was proposed this past summer. It has the attractive property of being implemented wholly in software, and it seemed to offer broad coverage against code reuse attacks while imposing modest performance penalties (~6%). In an upcoming paper, our group demonstrated a technique for bypassing CPI. I will explain how code reuse attacks work, how CPI was supposed to prevent them, and how we bypassed CPI. I will also outline some work that we are currently conducting that uses a simple hardware architectural extension to protect against both code reuse and code injection attacks (and probably other types of attacks as well).

This work grew out of an attempt to harvest some of the simpler ideas explored in DARPA's CRASH program (of which I was the program manager). I will share some personal reflections on the CRASH program and what it produced.

This talk is part of the Computer Laboratory Security Seminar series.


© 2006-2025 Talks.cam, University of Cambridge.