Data-Oriented Programming - On the Expressiveness of Non-Control Data Attacks
Offered By: IEEE via YouTube
Course Description
Overview
Explore the concept of Data-Oriented Programming (DOP) and its implications for non-control data attacks in this 20-minute IEEE conference talk. Delve into the Turing-complete nature of these exploits and learn about a systematic technique for constructing expressive non-control data attacks on x86 programs. Examine the findings from an experimental evaluation of 9 programs, revealing thousands of data-oriented x86 gadgets and gadget dispatchers. Discover how 8 out of 9 real-world programs contain gadgets capable of simulating arbitrary computations, with 2 confirmed to enable Turing-complete attacks. Investigate three end-to-end attack scenarios that bypass randomization defenses, operate network bots, and alter memory permissions, all while evading ASLR and DEP protections. Gain insights into the significant power DOP grants attackers and consider potential defense strategies against these sophisticated exploits.
Syllabus
Control Attacks are Getting Harder
Contributions
Motivating Example (cont.)
Data-Oriented Programming (DOP) . General construction
Data-Oriented Gadgets
Gadget Dispatcher
Attack Construction
Evaluation - Feasibility
Case Study: Bypassing Randomization
dlopend - Dynamic Linking Interface
Case Study: Simulating A Network Bot
Case Study: Altering Memory Permissions
Related Work
Potential Defenses
Motivatine Example
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network