|主题: 围绕虚函数调用的攻防战（Protect Virtual Calls from Attacks）
报告人: 张超，UC Berkeley博士后
时间: 2016年3月5日（周六）上午 9:00-11:30
地点: 清华大学信息技术大楼(FIT) 3-225（从FIT楼西门进入）
Virtual function is an important feature of the popular C++ language. It provides dynamic dispatching support, which is one of the key features in object-oriented languages. However, this also leaves a huge attack surface for attackers. Many (over 80% according to some reports) recent attacks against modern operating systems, browsers and other user-end applications, exploit memory corruption vulnerabilities and utilize virtual calls to hijack the control flow of target applications to execute malicious code. In this talk, I will show more details of this type of attacks, existing solutions and their limitations, and present our two novel defense solutions that were published in NDSS. These two defenses could protect programs with source code, as well as programs without source code. They provide a very strong defense against virtual call attacks, and introduce a negligible performance overhead.
Dr. Chao Zhang, a postdoc researcher in UC Berkeley, advised by Prof. Dawn Song. His research interest lies in system security, including practical software defense solutions, efficient vulnerability detection and automatic exploit generation techniques. He has published about 20 papers in system security and related fields in several conferences and journals, including top conferences like IEEE S&P, NDSS and InfoCom. He has received the Special Recognition Award in Microsoft BlueHat Prize Contest 2012 due to the defense prototype FPGate, which inspired the latest CFG defense deployed in Windows 10. He is now the co-leader of the research group BitBlaze, as well as the co-leader of the cooperative team CodeJItsu, and leads the team to win the 3rd place in DARPA Cyber Grand Challenge 2015. He is also a member of the team BlueLotus, which won the 5th place in the global DEFCON CTF 2015 competition.
张超博士，UC Berkeley博士后。毕业于北京大学，目前师从UC Berkeley的Dawn Song教授进行学术研究。主要研究方向为系统安全，包括实用化的软件安全防护、高效的软件漏洞挖掘以及自动化攻击利用技术研究。先后在IEEE S&P, NDSS, InfoCom等会议发表学术论文十余篇，研究成果之一FPGate获得微软BlueHat Prize竞赛Special Recognition Award。目前是BitBlaze课题组的共同负责人，也是DARPA CGC自动化攻防竞赛种子队伍CodeJitsu的技术领队，并带领CodeJitsu队伍获得CGC初赛第三名。同时也是著名CTF战队蓝莲花的队员，参与了众多CTF竞赛并获得2015年DefCon CTF全球第五名。