"My other computer is *your* computer" (or: how attackers evade modern defenses and still manage to pwn your machine)
While exploitation of binary code in modern systems with all defenses up has become much more difficult than in the past, attackers still manage to seize control of even our most advanced systems—typically by reusing code already in the program. In this talk, I will explain why it is hard to thwart such attacks and sketch the two main approaches to stop them: diversification and control flow management (which includes all forms of control flow integrity). Diversification is all about trying to keep attackers from knowing about the code snippets they might want to use to construct malicious behaviour. Control flow management is trying to prevent attackers from diverting the control flow in the program. Both approaches are insanely hot and these days we have papers about new solutions coming out of the woodworks. I will discuss some of the difficulties in getting this right and argue that, in theory at least, diversification is stronger than control flow integrity. Finally, I will sketch some of the work we are doing in this direction in my group.
Herbert Bos is professor of Systems Security at VU University Amsterdam. He obtained his Ph.D. from Cambridge University, and in recent years, obtained an ERC Starting Grant to work on reverse engineering and a VICI grant to work on techniques to detect vulnerabilities in binaries. He is proud of his students, 3 of whom (and 4 in his group) have won the Roger Needham PhD Award for best Ph.D. thesis in Europe.
Hosted jointly with the LSDS group.