Organizer: Prof. Dr. Ahmad-Reza Sadeghi, Dr. Lucas Davi
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Lucas Davi (Technische Universität Darmstadt and Intel Collaborative Research Institute for Secure Computing ICRI-SC) are giving a full-day tutorial on runtime exploits including hands-on labs at ESWEEK 2015.
If you are interested in learning the basic principles of runtime exploits like return-oriented programming, getting an overview of state-of-the-art research and open problems in this area, and applying the learned concepts to vulnerable software programs in hands-on labs, we'd happy to see you in Amsterdam on Oct 4, 2015.
The Beast in Your Memory: Modern Exploitation Techniques and Defenses
Memory corruption attacks belong to the most-widely deployed attacks since almost three decades. These attacks have been already applied in the first famous Internet worm (the Morris worm in 1988). Today, they are used to compromise web browsers, launch iOS jailbreaks, and partially in zero day issues exploited in large-scale cyberattacks such as Stuxnet and Duqu. In particular, code-reuse techniques such as return-oriented programming undermine the security model of non-executable memory (the No-Execute Bit) and memory randomization. Defending against these attacks is a hot topic of research. In this tutorial, the attendees will be introduced to the state-of-the-art memory exploitation techniques and defenses. We give an overview of the main principles of memory exploitation covering stack smashing, return-into-libc, and return-oriented programming. We also elaborate on modern defenses such as control-flow integrity and memory randomization. In a hands-on lab, the attendees will construct proof-of-concept exploits targeting mobile platforms (based on ARM).