Introducing

Prezi AI.

Your new presentation assistant.

Refine, enhance, and tailor your content, source relevant images, and edit visuals quicker than ever before.

Memory Errors: The Past, the Present, and the Future

Victor van der Veen

Updated Aug. 4, 2013

Transcript

Memory Errors:

Memory Errors: The Past, the Present, and the Future

Motivation

Public disclosure?

Is there something else that could explain this drop in reports?

0-Day private market

Black market

Bounty programs

Pwn2Own 2012:

"... But the other one, a memory corruption flaw in IE's protected mode sandbox, VUPEN will keep for itself and its customers (NATO governments and partners) ..."

Vendors started paying for zero-days

Mozilla (up to $3.000)
Google (up to $20.000)
Facebook (minimum of $500)
Baracuda Networks (up to $3.133,7)
Zero Day Initiative
...

Other companies selling zero-days:

Netragard
Endgame Systems
Northrop Grumman
Raytheon
...?

Selling on black markets is also lucrative

21/32

22/32

23/32

Exploit analysis

Exploit breakdown

Vulnerability analysis

Vulnerability breakdown

20/32

Conclusions

Trends

No more format strings

Number of memory errors are dropping

The heap is difficult to exploit

Exploitation is getting harder

15/32

Heap

Stack

16/32

17/32

18/32

Memory errors will remain a serious threat

What can we expect in the future?

High amounts paid for zero-days

Other factors

Fewer reports

Fortunately, exploitation is getting harder

Exploitation is getting harder
Public disclosure is being avoided
Increase of bounty programs
Increase of 0-day private markets

Unfortunately, also less public

C usage

Percentages

Non-control data

Most important language

Focus on damage control

"Non-control-data attacks are realistic threats" (2005)

Lots of existing C software

(Recent) Advances in Intrusion Detection was actually very well chosen

Exim attack (2010)

Not safe by design

Typical heap overflow: overwrite variable

But also look at preventing privilege escalation

Does not divert control flow

The memory error:

Today's cyber bullet, tomorrow's cruise missile?

Hard to get it right

Undetected by NX, ASLR, canary protection, ...

Focus on detecting non-control data attacks

24/32

As long as we find vulnerabilities, memory errors will be among them

More attacks in the future?

31/32

29/32

Memory errors are endemic in C-like programs

32/32

27/32

30/32

The Past, the Present, and the Future

20 years of research on memory errors:

Safe languages
Program analysis
Countermeasures

http://malware-experiments.few.vu.nl/

'Classic buffer overflow' still in top 3 of CWE SANS top 25

Victor van der Veen, Nitish Dutt-Sharma, Lorenzo Cavallaro, Herbert Bos

1,2

Will memory errors remain a significant threat?

Do we need renewed/different research efforts?

Contributions

Historical overview
Vulnerability and exploit analysis
Future directions

3/31

2/31

Choose a template

Sheet Music (AI Assisted)

Elevate your presentations with our Sheet Music Prezi AI-assisted presentation template, seamlessly blending aesthetics and functionality for a harmonious visual experience.

Hiking Journey (AI Assisted)

Elevate your presentations with our immersive Hiking Journey Prezi AI-assisted presentation template, meticulously crafted to showcase the beauty of your adventures, from scenic trails to breathtaking landscapes, providing a visually compelling experience for every outdoor enthusiast.

Music Festival (AI Assisted)

Elevate your presentation with our dynamic and visually stunning Music Festival Prezi AI-assisted presentation template, designed to captivate audiences and showcase the rhythm of your event in every slide.

See more templates →

Presentations from around the world

2015 개정 교육과정 영어, 내 자녀는 어떻게 배우는가?

Jeong-ryeol Kim

Describing a Character

Saint Usha

I2 Week 1 – Day 3 Movies

Rick Amaya

See staff picks →

Learn more about creating dynamic, engaging presentations with Prezi

Why Prezi is better