gannimo, npc@berkeley.edu: New memory corruption attacks: why can't we have nice things?
- Title:
- gannimo, npc@berkeley.edu: New memory corruption attacks: why can't we have nice things?
- Description:
-
more » « less
Memory corruption is an ongoing problem and in past years we have both developed a set of defense mechanisms and novel attacks against those defense mechanisms. Novel defense mechanisms like Control-Flow Integrity (CFI) and Code-Pointer Integrity (CPI) promise to stop control-flow hijack attacks. We show that, while they make attacks harder, attacks often remain possible. Introducing novel attack mechanisms, like Control-Flow Bending (CFB), we discuss limitations of the current approaches. CFB is a generalization of data-only attacks that allows an attacker to execute code even if a defense mechanism significantly constrains execution.
gannimo, npc@berkeley.edu
- Video Language:
- English
- Duration:
- 54:32
|
C3Subtitles edited English subtitles for gannimo, npc@berkeley.edu: New memory corruption attacks: why can't we have nice things? | |
|
|
C3Subtitles added new URL for gannimo, npc@berkeley.edu: New memory corruption attacks: why can't we have nice things? | |
|
|
C3Subtitles added a video: gannimo, npc@berkeley.edu: New memory corruption attacks: why can't we have nice things? |
http://www.youtube.com/watch?v=n_tpc7bvPXU
Format: Youtube
Primary
Original
Added
by C3Subtitles
Format: Youtube
Primary
Original
http://www.youtube.com/watch?v=Ftp-vVA_YdA
Format: Youtube
Added
by C3Subtitles
Format: Youtube