Drop the ROP: Fine-Grained Control-Flow Integrity for the Linux Kernel

Date: 08.01.2020. Author: CISOCLUB. Categories: Information security podcasts and videos

The introduction of W^X memory policies and the subsequent mitigation of return-to-user attacks curtailed the efficiency of code injection techniques in the exploitation of kernel-level vulnerabilities, making return-oriented programming (ROP) one of the most prominent adversaries for system security. Control-Flow Integrity (CFI) is an effective defense against ROP, but despite its many refinements during the past decade and its recent deployment for the protection of user-space applications, it has received significantly less attention in the kernel setting. The few existing kernel-level CFI proposals either apply an overly permissive coarse-grained policy, which can be easily bypassed by sophisticated ROP attacks, or do not support dynamically loadable kernel modules.

by João Moreira

Full Abstract: https://www.blackhat.com/asia-17/briefings/schedule/index.html#drop-the-rop-fine-grained-control-flow-integrity-for-the-linux-kernel-5424
