CS Department Seminar: Michalis Polychronakis, Columbia University

Monday, October 7, 2013 – Tuesday, October 15, 2013 ( 2:00 pm to 3:00 pm )

Location: Babbio Center 304

Contact: 
gportoka@stevens.edu

Title: Practical Defenses Against Return-Oriented Programming

Abstract:

The wide adoption of exploit mitigation technologies based on non-executable memory pages, has given rise to a new breed of attacks that employ return-oriented programming (ROP) to achieve arbitrary code execution without the injection of any code. After a brief introduction into return-oriented programming, in this talk I will present two complementary defenses against ROP attacks for Windows systems: in-place code randomization, a practical software diversification technique that can be applied directly on third-party binaries, and kBouncer, a transparent, low-overhead runtime ROP mitigation technique.

Bio:

Michalis Polychronakis is an Associate Research Scientist in the Computer Science Department at Columbia University. He received the B.Sc. ('03), M.Sc. ('05), and Ph.D. ('09) degrees in Computer Science from the University of Crete, Greece, while working as a research assistant in the Distributed Computing Systems Lab at FORTH-ICS. In 2010, he received a Marie Curie International Outgoing Fellowship granted by the European Commission. His main research interests are in the areas of network and system security and network monitoring and measurement.