Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Data-Oriented Programming - On the Expressiveness of Non-Control Data Attacks

IEEE via YouTube

Overview

Explore the concept of Data-Oriented Programming (DOP) and its implications for non-control data attacks in this 20-minute IEEE conference talk. Delve into the Turing-complete nature of these exploits and learn about a systematic technique for constructing expressive non-control data attacks on x86 programs. Examine the findings from an experimental evaluation of 9 programs, revealing thousands of data-oriented x86 gadgets and gadget dispatchers. Discover how 8 out of 9 real-world programs contain gadgets capable of simulating arbitrary computations, with 2 confirmed to enable Turing-complete attacks. Investigate three end-to-end attack scenarios that bypass randomization defenses, operate network bots, and alter memory permissions, all while evading ASLR and DEP protections. Gain insights into the significant power DOP grants attackers and consider potential defense strategies against these sophisticated exploits.

Syllabus

Control Attacks are Getting Harder
Contributions
Motivating Example (cont.)
Data-Oriented Programming (DOP) . General construction
Data-Oriented Gadgets
Gadget Dispatcher
Attack Construction
Evaluation - Feasibility
Case Study: Bypassing Randomization
dlopend - Dynamic Linking Interface
Case Study: Simulating A Network Bot
Case Study: Altering Memory Permissions
Related Work
Potential Defenses
Motivatine Example

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of Data-Oriented Programming - On the Expressiveness of Non-Control Data Attacks

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.