Seminar • Cryptography, Security, and Privacy (CrySP) — Space Wars: Exploiting Program (in)Variants for Software Security

Thursday, February 13, 2020 10:30 am - 10:30 am EST (GMT -05:00)

Hong Hu, Research Scientist
School of Computer Science, Georgia Institute of Technology

The ever-increasing code base of modern software inevitably introduces vulnerabilities, which enable attackers to construct sophisticated exploits and compromise our computer systems. Control-flow hijacking is the state-of-the-art exploit method, where attackers aim to take over the execution of the vulnerable program. Accordingly, defenders strive to protect control-flow integrity to mitigate attacks. As these protections gradually get deployed, it is getting harder for attackers to hijack the control flow, and they may switch to other exploit methods to achieve malicious goals. It is urgent for defenders to understand the remaining attack vectors and develop defenses in advance.

In this talk, I will present two works that explore the program data space to provide comprehensive protections and to find new devastating attacks. First, I will demonstrate that the program data space provides necessary auxiliary information for achieving complete protection against control-flow attacks. Specifically, only with extra context information can we get the unique code target for indirect calls and jumps. Second, I will demonstrate that data-oriented attacks, which conform to all control-flow protections, are practical, expressive and can be generated automatically. Attackers can systematically search in the program data space to construct arbitrary, even Turing-complete computations in real-world programs, like browsers. In the end, I will talk about my plan for extending data-oriented attacks to other platforms and languages, and the potential directions to prevent this new type of attack.

Bio: Dr. Hong Hu is a research scientist of computer science at the Georgia Institute of Technology. His main research area is system and software security, focusing on exploring new attack vectors of memory errors and developing effective defense mechanisms. His work has appeared in top venues of system security, including IEEE S&P, USENIX Security, CCS and NDSS. He received the Best Paper Award from CCS 2019 and ICECCS 2014. 

Dr. Hu obtained his Ph.D. degree from the National University of Singapore in 2016, and was a Postdoctoral Fellow at Georgia Tech from 2017 to 2019.