Taking Kernel Hardening to the Next Level
Offered By: Black Hat via YouTube
Course Description
Overview
Explore advanced kernel hardening techniques in this 38-minute Black Hat conference talk. Delve into the critical issue of memory safety in operating systems, examining the 175 CVEs assigned to potentially exploitable bugs in Linux in 2021 alone. Learn why current Control-Flow Integrity (CFI) and Use-After-Free (UAF) defense methods fall short in stopping sophisticated adversaries. Discover new approaches to enhance these techniques, including Pointer Authentication Based CFI, Context Based CFI, and optimized access validation. Gain insights from security researchers as they present novel strategies to combat evolving exploitation techniques targeting OS vulnerabilities. Understand complex compiler behaviors, static validators, and how to leverage complete differences in hardening approaches.
Syllabus
Introduction
Pointer Authentication Based CFI
Context Based CFI
New Context
Complex Compiler Behavior
Static Validator
Use a Complete Difference
Optimize Access Validation Approach
Taught by
Black Hat
Related Courses
Enforcing Unique Code Target Property for Control-Flow IntegrityAssociation for Computing Machinery (ACM) via YouTube Current Status of RISC-V Security Mechanisms - Nick Kossifidis, FORTH
TheIACR via YouTube Two-Faces of WASM Security
Security BSides San Francisco via YouTube The Power of Data-Oriented Attacks - Bypassing Memory Mitigation Using Data-Only Exploitation Techniques
Black Hat via YouTube Mitigating Spectre Attacks Using CFI Informed Speculation
IEEE via YouTube