SlideShare feed for Slideshows by User: ch0psticks (Thu, 11 Jun 2015 07:19:36 GMT)

Readactor-Practical Code Randomization Resilient to Memory Disclosure /slideshow/readactor-slides/49255338
These are NOT the official slides!! Just a paper reading summary presented in our security research group. Readactor: paper published at S&P (Oakland) 2015. Abstract: Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software. Designing practical and effective defenses against code-reuse attacks is highly challenging. One line of defense builds upon fine-grained code diversification to prevent the adversary from constructing a reliable code-reuse attack. However, all solutions proposed so far are either vulnerable to memory disclosure or are impractical for deployment on commodity systems. In this paper, we address the deficiencies of existing solutions and present the first practical, fine-grained code randomization defense, called Readactor, resilient to both static and dynamic ROP attacks. We distinguish between direct memory disclosure, where the attacker reads code pages, and indirect memory disclosure, where attackers use code pointers on data pages to infer the code layout without reading code pages. Unlike previous work, Readactor resists both types of memory disclosure. Moreover, our technique protects both statically and dynamically generated code. We use a new compiler-based code generation paradigm that uses hardware features provided by modern CPUs to enable execute-only memory and hide code pointers from leakage to the adversary. Finally, our extensive evaluation shows that our approach is practical—we protect the entire Google Chromium browser and its V8 JIT compiler—and efficient with an average SPEC CPU2006 performance overhead of only 6.4%.

Thu, 11 Jun 2015 07:19:36 GMT /slideshow/readactor-slides/49255338 ch0psticks@slideshare.net(ch0psticks)
You Can Run but You Can’t Read: Preventing Disclosure Exploits in Executable Code /slideshow/xnr/46086178
Unofficial slides for the paper "You Can Run but You Can’t Read: Preventing Disclosure Exploits in Executable Code". All contents come from my understanding of this paper, so they may contain errors. If you see any, kindly point them out and let me know, thanks.

Fri, 20 Mar 2015 10:41:24 GMT /slideshow/xnr/46086178 ch0psticks@slideshare.net(ch0psticks)