Fighting off attacks based on memory corruption vulnerabilities is hard and a lot of research was and is conducted in this area. In our recent work we take a different approach and looked into breaking the payload of an attack. Current attacks assume that they have access to every piece of code and the entire platform API. In this talk, we present a novel defensive strategy that targets this assumption. We built a system that removes unused code from an application process to prevent attacks from using code and APIs that would otherwise be present in the process memory but normally are not used by the actual application. Our system is only active during process creation time, and, therefore, incurs no runtime overhead and thus no performance degradation. Our system does not modify any executable files or shared libraries as all actions are executed in memory only. We implemented our system for Windows 8.1 and tested it on real world applications. Besides presenting our system we also show the results of our investigation into code overhead present in current applications.
Breaking Payloads With Runtime Code Stripping And Image Freezing blackhat 2015
4 Likes
4 Dislikes
625 views views
117K followers
People & Blogs
Upload TimePublished on 29 Dec 2015
Related keywords
infosec news
information security manager
blackhat asia 2019
blackhat 2019
infosec twitter
blackhat 2018
black hat seo technique
blackhat europe
blackhat badger sekiro
black hat x reader
black hat cartoon
black hat x dr flug
cyber securityとは
blackhat conference 2019
cyber security cloud
black hat full movie
blackhat badger
blackhat forum
information security foundation 勉強
infosec rotkreuz
cyber security framework
information security policy template
infosecurity utrecht
infosec ups system
cyber security news
cyber security act
infosecurity
blackhat full movie
infosec blog
black hat badger
information security foundation 参考書
information security management system
cyber security conference
black hat seo
cyber security pro
black hat movie
blackhat imdb
infosec podcast
black hat cast
cyber security pro 新しいネットワークが検出されました
cyber security cloud managed rules
cyber security measures
information security governance
infosec global
infosecurity europe 2020
infosec health
infosec magazine
information security 日本語
infosec 19
black hat anime
information security foundation
infosecurity magazine
cyber security tokyo
black hat meaning
black hatch
information security definition
information security pdf
infosec europe 2019
cyber security market
infosec institute
infosec 2019 london
information security foundation 難易度
black hatch gamefowl
cyber security management system
information security certifications
blackhat film
cyber security pro アンインストール
information security specialist
cyber security 意味
cyber security analyst
information security policy
black hat usa 2019
information security forum
information security news
infosec conferences
information security officer
infosekta
cyber security japan
blackhat trailer
information security analyst
cyber security university
black hat hacker
black hat forum
cyber security company
black hat hacking
black hat villainous
blackhat conference
information security foundation based on iso/iec 27001
by Collin Mulliner & Matthias Neugschwandtner
Không có nhận xét nào:
Đăng nhận xét