Overview
Explore a comprehensive analysis of code reuse attacks and defenses in C++ applications, focusing on the novel Counterfeit Object-oriented Programming (COOP) technique. Delve into the vulnerabilities of existing defense mechanisms against COOP, including CFI solutions and C++-specific protections. Examine the Turing-complete nature of COOP in real-world scenarios, with practical demonstrations using exploits for Internet Explorer and Firefox. Gain insights into the challenges of constructing COOP-resilient defenses without source code access, and understand the implications for future security measures against control flow hijacking attacks.
Syllabus
Intro
Introduction: Code-reuse attacks
Introduction: Defenses
Background: C++ object layouts
COOP Motivation
Control flow in COOP
The Main Loop (2)
Attacker-injected data
Adding values (ARITH-G)
Writing to memory (W-G)
Proof of concept exploits
Applicability
Properties of COOP
How to prevent COOP?
Defenses Review
Taught by
IEEE Symposium on Security and Privacy