Summer School
June 17–21, 2019

Šibenik, Croatia
   Summer School
   on real-world crypto and privacy
Run-time attack tutorial

Run-time attack tutorial

Important information

Title: Memory Corruption Attacks and Defenses in the Context of Real-World Crypto

Instructor: Lucas Davi & Ahmad-Reza Sadeghi
Number of participants: 50 (participants have to register for the Summer School prior to signing up)
Requirements: Basic Programming Knowledge in C
PC/Tools: The practical part of this tutorial requires loading a virtual machine image using VirtualBox. The image will be made available to the attendees shortly before the summer school.
Date and time: Thursday, 20 June between 09:00-12:30
Location: TBC

The number of seats is limited, so participants should register in advance by sending an email to www-croatia@science.ru.nl (subject: Run-time attack tutorial registration).
Admission is on first-come first-serve basis. We will also maintain a waiting list.

Description

Software attacks exploit vulnerabilities in programs to trigger malicious operations and steal sensitive data. In this context, memory corruption attacks play a vital role as they allow an attacker to perform arbitrary reads and writes to main memory. While traditional attacks required the attacker to directly inject malicious code into the memory space of an application, modern attacks either only induce malicious execution by means of a combination of existing code (return-oriented programming) or only manipulate variables without violating the program’s control flow (data-oriented exploits). For the case of real-world crypto schemes, these attacks are capable of stealing and altering cryptographic material.

In this tutorial, we provide an overview of the state-of-the-art memory exploitation techniques and defenses. We start with the main principles of memory exploitation covering stack smashing, return-oriented programming, and data-oriented programming. Next, we present modern defense techniques such as control-flow integrity and memory randomization.

In the second part of this tutorial, we continue with a hands-on lab where attendees will have the opportunity to construct proof-of-concept memory exploits that undermine cryptographic schemes deployed by the target application.


Instructor Bio

Lucas Davi is an assistant professor for secure software systems at University of Duisburg-Essen, Germany. He received his PhD from TU Darmstadt in computer science. His research focus includes aspects of system security, software security, and trusted computing, especially software exploitation techniques and defenses. He received best paper awards at DAC, ACM ASIACCS, and IEEE Security and Privacy. His PhD thesis on code-reuse attacks and defenses has been awarded the ACM SIGSAC Dissertation Award 2016.