时间：2016年3月2日下午1:30—3:00

地点：计算机所楼106会议室

题目：Protect Virtual Calls from Attacks

摘要：Virtual function is an important feature of the popular C++ language. It provides dynamic dispatching support, which is one of the key features in object-oriented languages. However, this also leaves a huge attack surface for attackers. Many (over 80% according to some reports) recent attacks against modern operating systems, browsers and other user-end applications, exploit memory corruption vulnerabilities and utilize virtual calls to hijack the control flow of target applications to execute malicious code. In this talk, I will show more details of this type of attacks, existing solutions and their limitations, and present our two novel defense solutions. These two defenses could protect programs with source code, as well as programs without source code. They provide a very strong defense against virtual call attacks, and introduce a negligible performance overhead.

报告人：张超博士

Dr. Chao Zhang, a postdoc researcher in UC Berkeley. He graduated from ICST, Peking University, and now works as a postdoc advised by Prof. Dawn Song. His research interest lies in system security, including practical software defense solutions, efficient vulnerability detection and automatic exploit generation. He has published about 20 papers in system security and related fields in several conferences and journals, including top conferences like IEEE S&P, NDSS and InfoCom. He has received the Special Recognition Award in Microsoft BlueHat Prize Contest 2012 due to his defense prototype FPGate, which inspired the latest CFG defense deployed in Windows 10. He is now the co-leader of the research group BitBlaze, as well as the co-leader of the cooperative team CodeJItsu, and leads the team to win the 3rd place in DARPA Cyber Grand Challenge 2015. He is also a member of the team BlueLotus, which won the 5th place in the global DEFCON CTF 2015 competition.