Full day Tutorial

Title

The Beast in Your Memory: Modern Exploitation Techniques and Defenses

Presenters

Lucas Davi and Ahmad-Reza Sadeghi, Technische Universität Darmstadt and Intel Collaborative Research Institute for Secure Computing (ICRI-SC)

Abstract

Memory corruption attacks belong to the most-widely deployed attacks since almost three decades. These attacks have been already applied in the first famous Internet worm (the Morris worm in 1988). Today, they are used to compromise web browsers, launch iOS jailbreaks, and partially in zero day issues exploited in large-scale cyberattacks such as Stuxnet and Duqu. In particular, code-reuse techniques such as return-oriented programming undermine the security model of non-executable memory (the No-Execute Bit) and memory randomization. Defending against these attacks is a hot topic of research. In this tutorial, the attendees will be introduced to the state-of-the-art memory exploitation techniques and defenses. We give an overview of the main principles of memory exploitation covering stack smashing, return-into-libc, and return-oriented programming. We also elaborate on modern defenses such as control-flow integrity and memory randomization. In a hands-on lab, the attendees will construct proof-ofconcept exploits targeting mobile platforms (based on ARM). Pictures on top right, coprighted to Yuri Demchenko.