[Seminar] Abusing Performance Optimization Weaknesses to Bypass ASLR
◾Host: Prof. 전병곤 (Byung-Gon Chun) (x1928, 02-880-1928)
The primary goal of ASLR is to randomize a program's memory layout so that an adversary cannot easily infer the addresses an exploit depends on. Because ASLR is a critical defense against exploitation, there have been tremendous efforts to evaluate its security. To date, attacks that bypass ASLR have focused mostly on exploiting memory-disclosure vulnerabilities or on abusing data structures that are not randomized. In this presentation, we leverage weaknesses introduced by performance-oriented software design to reveal new ways in which ASLR can be bypassed. In addition to describing how these weaknesses originate from such designs, we present real attacks that exploit them.
This talk is based on my recent work published at IEEE S&P (Oakland) 2014 and Black Hat 2014.
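The abstract attributes the bypass to performance-oriented software design without naming a particular design. The following is an added illustration for this page, not code from the talk or the underlying papers. It assumes one common optimization of that kind: a warmed-up "template" process that forks every new process instead of starting it fresh with execve. Because fork copies the parent's address space, every child inherits the parent's randomized layout, so an address disclosed from any one child (for example by a crash) is valid in all of its siblings. The function, struct and helper names below are the example's own.

```c
/* Added example: forked children of a template process share its ASLR layout.
 * Constructed demonstration, not code from the talk. Linux/glibc, gcc or clang. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* One sample of the addresses an exploit typically needs: code in the main
 * binary (PIE base), code in libc (library base), a heap chunk and a stack slot. */
struct layout {
    uintptr_t text;
    uintptr_t libc;
    uintptr_t heap;
    uintptr_t stack;
};

/* noinline keeps `local` at one fixed frame offset for every call site, so
 * the stack sample is comparable between the parent and its forked children. */
__attribute__((noinline))
static void sample_layout(struct layout *l, void *heap_chunk)
{
    int local = 0;
    l->text  = (uintptr_t)&sample_layout;
    l->libc  = (uintptr_t)&puts;
    l->heap  = (uintptr_t)heap_chunk;
    l->stack = (uintptr_t)&local;
}

/* Plays the template process: forks `nchildren` children, has each report the
 * layout it observes over a pipe, and returns how many reported exactly the
 * parent's sample. Returns -1 if setup fails. With a fork-based template every
 * child matches; a process started with execve would get its own layout instead. */
int template_children_share_layout(int nchildren)
{
    void *heap_chunk = malloc(64);   /* allocated once, before any fork */
    if (!heap_chunk) return -1;

    struct layout parent, child;
    sample_layout(&parent, heap_chunk);

    int matches = 0;
    for (int i = 0; i < nchildren; i++) {
        int fd[2];
        if (pipe(fd) != 0) break;
        pid_t pid = fork();
        if (pid < 0) { close(fd[0]); close(fd[1]); break; }
        if (pid == 0) {
            /* child: sample from the same frame the parent sampled from */
            close(fd[0]);
            sample_layout(&child, heap_chunk);
            ssize_t w = write(fd[1], &child, sizeof child);
            _exit(w == (ssize_t)sizeof child ? 0 : 1);
        }
        close(fd[1]);
        ssize_t n = read(fd[0], &child, sizeof child);
        close(fd[0]);
        waitpid(pid, NULL, 0);
        if (n == (ssize_t)sizeof child && memcmp(&child, &parent, sizeof child) == 0)
            matches++;
    }
    free(heap_chunk);
    return matches;
}

int main(void)
{
    int n = template_children_share_layout(3);
    printf("%d of 3 forked children reported exactly the template's layout\n", n);
    return n == 3 ? 0 : 1;
}
```

The same check can be made on a running system without any code: compare `/proc/<pid>/maps` for two processes that were forked from one long-lived parent, and the text, library, heap and stack ranges line up exactly, whereas two processes each started with execve show independently randomized ranges. That difference is what a per-process randomization guarantee assumes and what a fork-based template silently gives up.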
Byoungyoung Lee is a PhD student at Georgia Tech working mainly on system and software security. He is one of the contributors to the DarunGrim project, a popular binary diffing tool that has uncovered many vulnerabilities patched by Microsoft. He has previously spoken at Black Hat and InfoSec Southwest, and he has actively participated in wargames including DEFCON CTF. He also loves writing fuzzers that target various software products for bug bounties.