A hybrid approach to enforce data-flow integrity
Speaker: Dr. Chengyu Song (Assistant Professor, University of California, Riverside)
Abstract: The most common cyber attack vector is the exploitation of software vulnerabilities. Despite much effort toward building secure software, software systems of even modest complexity still routinely have serious vulnerabilities. More alarmingly, even the trusted computing base (e.g. the OS kernel) still contains vulnerabilities that would allow attackers to subvert security mechanisms such as the application sandbox on smartphones.
Memory corruption is one of the most ancient, prevalent, and devastating classes of vulnerability. In this talk, I will discuss my research on mitigating this threat. In particular, there are three general ways to exploit a memory corruption vulnerability---attacking the code (a.k.a. code injection attack), the control data (a.k.a. control-flow hijacking attack), and the non-control data (a.k.a. data-oriented attack). Data-flow integrity is a promising approach to defeat all three exploit methods. However, enforcing data-flow integrity is very expensive. In this talk, I will discuss two directions to make this technique more practical. First, using kernel privilege escalation attacks as an example, I will discuss how to utilize program analysis techniques to reduce the protection scope and thus reduce the performance overhead. Next, I will present new architectural support to further reduce the performance overhead.
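The abstract's key point is that data-flow integrity checks the *writer* of a memory location rather than its value, which is why it also catches data-oriented attacks that never touch a code pointer. The following toy model, added here as an illustration and not code from the speaker or any of the systems in the talk, shows the idea on a simulated memory of integer cells: every store records a definition id in shadow memory, and a load of a protected cell is allowed only if the last writer belongs to the statically computed set of reaching definitions. The cell layout, the definition ids and the allowed set are all assumptions standing in for what a compiler pass would produce.

```c
#include <stdio.h>
#include <stddef.h>

/* Toy data-flow integrity (DFI) model. Added illustration only; the
 * memory layout, definition ids and allowed sets are assumed values that a
 * compiler's reaching-definitions analysis would normally compute. */

#define NCELLS    16
#define BUF_START 0
#define BUF_LEN   8
#define FLAG_CELL 8   /* non-control data: an "authenticated" flag placed right after the buffer */

static int cells[NCELLS];      /* the protected data memory */
static int last_def[NCELLS];   /* shadow memory: id of the store that last wrote each cell */

/* Definition ids (assumed): each store instruction gets a unique id. */
enum { DEF_NONE = 0, DEF_FLAG_INIT = 1, DEF_FLAG_AFTER_AUTH = 2, DEF_COPY_INPUT = 3 };

/* Reaching definitions allowed to write FLAG_CELL (assumed analysis result). */
static const int flag_allowed[] = { DEF_FLAG_INIT, DEF_FLAG_AFTER_AUTH };

/* Instrumented store: write the value and record who wrote it. */
static void dfi_store(int idx, int value, int def_id) {
    cells[idx] = value;
    last_def[idx] = def_id;
}

/* Instrumented load check: 1 if the last writer is in the allowed set, 0 on a DFI violation. */
static int dfi_load_ok(int idx, const int *allowed, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (last_def[idx] == allowed[i])
            return 1;
    return 0;
}

/* Current value of the flag cell, so callers can see that the value alone
 * gives no hint of corruption (it is a legal-looking 0 or 1 either way). */
int current_flag(void) {
    return cells[FLAG_CELL];
}

/* Scenario: a copy loop without a bounds check writes input_len cells from
 * BUF_START. With input_len > BUF_LEN the copy spills into FLAG_CELL, which
 * is a data-oriented corruption: no code pointer changes. Returns 1 if the
 * DFI check catches the corrupted flag before it is used, 0 otherwise. */
int run_scenario(int input_len) {
    for (int i = 0; i < NCELLS; i++) {   /* fresh state for each run */
        cells[i] = 0;
        last_def[i] = DEF_NONE;
    }
    dfi_store(FLAG_CELL, 0, DEF_FLAG_INIT);           /* legitimate initialisation */

    if (input_len > NCELLS - BUF_START)                /* keep the toy array itself in bounds */
        input_len = NCELLS - BUF_START;
    for (int i = 0; i < input_len; i++)                /* constructed input: all cells set to 1 */
        dfi_store(BUF_START + i, 1, DEF_COPY_INPUT);

    /* Unprotected code would now branch on cells[FLAG_CELL]; DFI checks the writer first. */
    if (!dfi_load_ok(FLAG_CELL, flag_allowed, sizeof flag_allowed / sizeof flag_allowed[0]))
        return 1;   /* violation: the flag was last written by the copy, not by the auth path */
    return 0;
}

int main(void) {
    int lens[] = { 4, 8, 10 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        int caught = run_scenario(lens[i]);
        printf("copy of %2d cells: flag=%d, DFI violation=%s\n",
               lens[i], current_flag(), caught ? "yes" : "no");
    }
    return 0;
}
```

Note what the check does and does not cost: each protected load pays a lookup against a (usually tiny) allowed set, and each store pays a shadow write; that per-access overhead, multiplied across a whole program, is the expense the talk sets out to reduce, either by shrinking the set of protected locations through program analysis or by moving the shadow bookkeeping into hardware.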
Bio: Chengyu Song is an Assistant Professor in the Computer Science and Engineering department of UC Riverside. His primary research interests are system and software security. He received his PhD from Georgia Tech in 2016 and his M.Eng. and B.S. from Peking University in 2010 and 2007. He has published 14 papers in top security and systems conferences. One of his co-authored papers won the 2015 Internet Defense Prize ($100k) and another won the CSAW'15 best applied security research paper award.