A Tough Call - Mitigating Advanced Code-Reuse Attacks at the Binary Level
Offered By: IEEE via YouTube
Course Description
Overview
Explore advanced techniques for mitigating code-reuse attacks at the binary level in this 20-minute conference talk presented at the 2016 IEEE Symposium on Security & Privacy. Delve into the challenges of implementing Control-Flow Integrity (CFI) without source code and discover innovative binary-level analysis methods to reduce potential targets for indirect branches. Learn about the TypeArmor prototype, which reconstructs function prototypes and employs liveness analysis to create a more precise relationship between callsites and target callees. Examine experimental results demonstrating TypeArmor's efficiency and its effectiveness in mitigating advanced attacks like Counterfeit Object-oriented Programming (COOP). Gain insights into how strict binary-level CFI can enhance software security, even without access to source information or C++ semantics.
Syllabus
A Tough call: Mitigating Advanced Code-Reuse Attacks At The Binary Level
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Enforcing Unique Code Target Property for Control-Flow IntegrityAssociation for Computing Machinery (ACM) via YouTube Current Status of RISC-V Security Mechanisms - Nick Kossifidis, FORTH
TheIACR via YouTube Two-Faces of WASM Security
Security BSides San Francisco via YouTube Taking Kernel Hardening to the Next Level
Black Hat via YouTube The Power of Data-Oriented Attacks - Bypassing Memory Mitigation Using Data-Only Exploitation Techniques
Black Hat via YouTube