Run-time attacks are a prominent attack vector for compromising systems written in memory-unsafe languages like C and C++. Over the last decade there has been significant advances by both researchers and practitioners in understanding and defending against run-time attacks, especially those that attempt to defeat control-flow integrity (CFI). As CFI defenses are gradually being deployed, data-oriented attacks will become increasingly attractive.
Defenses against run-time attacks must consider how to trade-off security, performance and deployability. Fine-grained software-only defenses are effective, but can be prohibitively expensive. Hardware-based defenses can be effective and efficient but can force deployment hurdles. In this talk, I will describe two attempts from our recent work to provide run-time protection, especially for data-oriented attacks. The first, HardScope, is a hardware solution for enforcing lexical scope for variables at run-time. HardScope consists of a small set of proposed processor extensions as well as associated compiler instrumentation. The second, PARTS, is a software solution that makes use of an existing hardware-assisted mechanism in ARM processors for pointer authentication (PA). PARTS consists of a set of techniques that use PA for thwarting run-time attacks.
About N. Asokan
N. Asokan is a professor of computer science at Aalto University where he co-leads the Secure Systems Group and is the founding director of Helsinki-Aalto Center for Information Security -- HAIC (https://haic.fi). His research interests are broadly in the area of systems security. Recently he has been focussing on various aspects of platform security and the interplay between security/privacy and machine learning. Asokan is an ACM Fellow and an IEEE Fellow and was recently given the ACM SIGSAC award for outstanding innovation. You can find more information on his work at his website (https://asokan.org/asokan/) or his twitter profile (@nasokan).