Hacking Data-Flow for Turing-Complete Attacks
No Thumbnail Available
Author(s)
Hu, Hong
Advisor(s)
Editor(s)
Collections
Supplementary to:
Permanent Link
Abstract
Control-flow hijacking attacks from memory errors become more and more difficult as targeted defense mechanisms gain wide deployment. As an alternative, non-control data attacks do not require diverting the application’s control flow, and thus can bypass existing advanced defense mechanisms. Although it is known that such data-oriented attacks can mount significant damage, we are not clear about their real expressiveness. In this talk, Dr. Hu will first present data-flow stitching, a systematic method to build data-oriented attacks. Instead of corrupting individual data inside the program, data-flow stitching breaks existing data-flows and connects the fragments in a malicious manner, thus enabling systematic construction. Then I will propose data-oriented programming, a novel method to build expressive data-oriented attacks, even Turing-complete attacks. Finally, Dr.Hu will show data-oriented attacks against Chromium that bypass the fundamental SOP policy.
Sponsor
Date
2018-02-23
Extent
43:40 minutes
Resource Type
Moving Image
Resource Subtype
Lecture