Ryan Riley - Purdue University
Jan 28, 2009
Download: MP4 Video
Watch in your Browser
Watch on YouTube
"An Alternate Memory Architecture for Code Injection Prevention"
Code injection attacks, in their various forms, have been in existence and been an area of consistent research for a number of years. A code injection attack is a method whereby an attacker inserts malicious code into a running computing system and transfers execution to his malicious code. In this way he can gain control of a running process or operating system due to the fact that his injected code will run at the same privilege level as the entity being attacked. At the user-level, these attacks can be used to gain access to a system through an application bug. At the kernel-level, they are commonly used to install kernel rootkits and hide an attacker's presence on a machine.
In this talk I will discuss code injection with regards to the memory architecture of modern computer systems. I will compare two common memory architectures, von Neumann and Harvard, with respect to their susceptibility to code injection attacks and the advantages and disadvantages of each in practice. Based on this, I will present a third memory architecture which is immune to code injection attacks and describe implementations of it that are able to stop code injection at the user and kernel levels. My experimental results show that this architecture is able to effectively and efficiently prevent code injection attacks against unmodified operating systems and applications running on standard x86 hardware.
About the Speaker
Ryan Riley is a doctoral candidate and research assistant at Purdue University in West Lafayette, IN. His research interests include Operating System and Network Security, Intrusion Detection and Prevention, Virtualization Technology, Distributed Systems, and Cloud Computing . He received a bachelor's in Computer Engineering in 2004 and a master's in Computer Science in 2006. He is preparing to graduate with his Ph.D. In Computer Science in August 2009 and is hoping to enter academia.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52 (Suite 050B), West Lafayette Campus. More information...