Software Security Today: Understanding Code-Reuse Attacks and Reducing Attack Surface

Speaker

George Portokalidis
Stevens Institute of Technology

Host

CSAIL Security Seminar

Abstract:

Our society is increasingly reliant on software, so software security is
of critical importance today more than ever. Through the years,
defenses such as address space layout randomization (ASLR),
data-execution prevention (DEP), and stack and heap protections have
significantly raised the bar for attackers, making software exploitation
hard. However, attacks have also evolved to a new level of
sophistication. Modern attacks combine multiple vulnerabilities to
launch code-reuse attacks that “re-purpose” existing code to execute
arbitrary computations. Working exploits are extremely valuable; for
example, companies like Zerodium offer $1.5M for zero-day exploits
against iOS. Modern attacks have reignited the interest in various
instantiations of control-flow integrity (CFI), diversification, and
isolation-based defenses. In this talk, I will present our work on
evaluating the effectiveness of such defenses, based on analyzing them
and producing proof-of-concept (PoC) attacks that expose their
weaknesses. I will first focus on CFI to show that it is vulnerable,
especially in its more practical iterations. I will then move to
approaches that employ information hiding to emulate isolation
techniques, and finish by looking at randomization techniques. I will
conclude my talk by presenting new directions in hardening software and
reducing attack surface.


Short bio:

Georgios Portokalidis is an Assistant Professor in the Department of
Computer Science at Stevens Institute of Technology. He obtained his
doctorate degree in Computer Science from Vrije Universiteit in
Amsterdam. His research interests are mainly around the area of systems
and security. Some of the subjects he is actively working on include the
detection and prevention of state-of-the-art attacks against software
systems, efficient information-flow tracking systems, user
authentication, and IoT security.