Building Secure Systems

Vasileios Kemerlis
Columbia University


Abstract

Today’s software systems are large, complex, and plagued with vulnerabilities that allow perpetrators to exploit them for profit. The constant rise in the number of software weaknesses, coupled with the sophistication of modern adversaries, makes the need for effective and adaptive defenses more critical than ever. In this talk, I will present my work on developing novel protection mechanisms and exploit prevention techniques that improve the security posture of commodity software systems. First, I will discuss kGuard and XPFO, two projects whose goal is to harden contemporary OSes against attacks that exploit vulnerabilities in kernel code, without requiring additional software (e.g., a hypervisor or VMM) or special hardware. Next, I will talk about ret2dir: a new kernel exploitation technique that I developed, which uncovered how fundamental OS design practices and implementation decisions can significantly weaken the effectiveness of state-of-the-art kernel protection mechanisms. Finally, I will outline my work on protecting binary-only software against a wide range of threats, including information leaks and control-flow hijacking attacks, by briefly presenting libdft, TFA, and ShadowReplica: a set of tools that dynamically and transparently retrofit information-flow tracking capabilities into multiprocess and multithreaded programs, outperforming previous solutions in many aspects.