Analysis and Evaluation of Binary Exploitation Mitigation Techniques
Reliable binary exploitation mitigation techniques have existed for decades and are deployed to operating systems in various forms. Different operating systems interpret these techniques individually for their respective implementation. This thesis provides an in-depth analysis of currently deployed and enabled techniques in Linux, MacOS, OpenBSD and Windows. Not only the implementation itself will be discussed, but also possible attack vectors. This thesis also examines the new techniques of Control Flow Integrity and Code Pointer Integrity in theory and in concrete implementations. Elementary test cases for forward edge CFI and a practical attack vector against the SafeStack (CPI) implementation of LLVM/Clang will be proposed.
Supervisor(s): | Julian Kirsch, Bruno Bierbaumer |
Status: | finished |
Topic: | Anomaly Detection |
Author: | Martin Steil |
Submission: | 2017-10-20 |
Type of Thesis: | Master's thesis |
Proof of Concept | No |