Hello, for the first meetup of 2016, the seventeenth already in total we will be learning more about computer security and mainly on the design of mitigations against attacks on computer programs. Our guest speaker will be Yves Younan, a Senior Research Engineer with the Talos Security Intelligence and Research Group at Cisco. He received a Master in Computer Science form the Vrije Universiteit Brussel and a PhD in Engineering: Computer Science from the Katholieke Universiteit Leuven. His PhD focussed on efficient countermeasures against code injection attacks on programs written in C and C++. In the last years when he was an academic, he founded the Native Code Security Group within the Distrinet research group at the Katholike Universiteit Leuven in Belgium.
Robust Mitigations by Yves Younan (http://www.fort-knox.org/)
This talk will discuss practical robust mitigations that protect against some of the major vulnerabilities that exist in C programs today. We will present two mitigations based on two academic papers, the first (http://www.cs.kuleuven.be/publicaties/rapporten/cw/CW554.pdf) which protects against use-after-free vulnerabilities and the second (http://fort-knox.org/files/freesentry.pdf) which protects against buffer overflows. Buffer overflows are some of the most long lasting vulnerabilities found in computer programs, they have been a serious problem for over 25 years. Recent improvements in modern operating systems have made them harder to exploit, but by no means impossible.
In this talk we will provide an overview of a mitigation which is more robust than currently deployed mitigations, called PAriCheck. Boundschecking is the ideal protection against buffer overflows as it prevents going out of the bounds of an object. However, the cost to perform boundschecking in C has traditionally been prohibitively high. PAriCheck provides protection at a more moderate cost than other boundscheckers.
The second mitigation provides protection against use-after-free vulnerabilities. Due to the deployment of mitigations for buffer overflows in modern operating systems that make exploitation harder, attackers have shifted focus towards easier to exploit vulnerabilities such as use-after-free vulnerabilities, because few mitigations are in place. As a result these vulnerabilities have become the most exploited type of vulnerability in Windows 7 and higher platforms. We will discuss FreeSentry, which protects against these vulnerabilities.
Finally we will discuss how these two mitigations can be combined to provide more comprehensive protection for C programs.
Paper of the month Control Flow Integrity (http://pub.cs.sunysb.edu/~rob/teaching/cse608-fa05/controlflowintegrity.pdf) from M. Abadi, M. Budiu, U. Erlingsson, J. Ligatti presented by M. Loubele
Abstract Current software attacks often build on exploits that subvert machine-code execution. The enforcement of a basic safety property, Control-Flow Integrity (CFI), can prevent such attacks from arbitrarily controlling program behavior. CFI enforcement is simple, and its guarantees can be established formally, even with respect to powerful adversaries. Moreover, CFI enforcement is practical: it is compatible with existing software and can be done efficiently using software rewriting in commodity systems. Finally, CFI provides a useful foundation for enforcing further security policies, as we demonstrate with efficient software implementations of a protected shadow call stack and of access control for memory regions.