Dear all,
[apologies if you receive multiple postings]
Just a reminder.
****************************************
Date: 02/26/2016
Time: 11:00 AM - noon
Venue: Engineering Building 4201
Speaker: Prof. Zhenkai Liang
Title: Automatic Generation of Data-Oriented Exploits
***************************************
Songqing
Abstract
****************************************
As defense solutions against control-flow hijacking attacks gain wide
deployment, control-oriented exploits from memory errors become difficult. As
an alternative, attacks targeting non-control data do not require diverting the
application's control flow during an attack. Although it is known that such
data-oriented attacks can mount significant damage, no systematic methods to
automatically construct them from memory errors have been developed. In this
work, we develop a new technique called data-flow stitching, which
systematically finds ways to join data flows in the program to generate
data-oriented exploits. We build a prototype embodying our technique in a tool
called FLOWSTITCH that works directly on Windows and Linux binaries. In our
experiments, we find that FLOWSTITCH automatically constructs 16 previously
unknown and three known data-oriented attacks from eight real-world vulnerable
programs. All the automatically-crafted exploits respect fine-grained CFI and
DEP constraints, and 10 out of the 19 exploits work with standard ASLR defenses
enabled. The constructed exploits can cause significant damage, such as
disclosure of sensitive information (e.g., passwords and encryption keys) and
escalation of privilege.
****************************************
Speaker Bio
****************************************
Zhenkai Liang is an Associate Professor of the School of Computing, National
University of Singapore. His main research interests are in system and software
security, web security, mobile security, and program analysis. He has served as
a technical program committee member of many system security conferences,
including the ACM Conference on Computer and Communications Security (CCS),
USENIX Security Symposium and the Network and Distributed System Security
Symposium (NDSS). He is also an associate editor of the IEEE Transactions on
Dependable and Secure Computing. As a co-author, he received the Best Paper
Award in ICECCS 2014, the Best Paper Award in W2SP 2014, the ACM SIGSOFT
Distinguished Paper Award at ESEC/FSE 2009, the Best Paper Award at USENIX
Security Symposium 2007, and the Outstanding Paper Award at ACSAC 2003. He
also won the Annual Teaching Excellence Award of NUS in 2014 and 2015. He
received his Ph.D. degree in Computer Science from Stony Brook University in
2006, and B.S. degrees in Computer Science and Economics from Peking University
in 1999.
****************************************