Loading…
Friday, May 3 • 11:00am - 12:00pm
Regions are types, types are policy, and other ramblings

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Semantically related objects often get grouped together in memory, and it is about time we take advantage of this in developing software hardening measures.  Types can be naturally assigned to regions of memory in a flexible manner.  Such types can form the basis of a practical and intelligible access control policy. This observation allowed me to retroactively harden an instance of the U-Boot bootloader, to model the bootloader's intentions and build an access control policy that mediated its behavior.

Typed region-based hardening measures can be applied to other kinds of software to not only protect against low-level memory vulnerabilities but also to help protect and address high-level logic-based attacks (i.e., instances of weird machines).

Speakers
avatar for Rebecca

Rebecca

Senior Security Researcher, Narf Industries
Rebecca (bx) Shapiro enjoys tinkering with systems in undocumented manners to find hidden sources of computation. She has previously studied the weird machines present in application linkers and loaders, publishing some nifty PoC along the way, but has since turned her focus towards... Read More →


Friday May 3, 2019 11:00am - 12:00pm
Scruffy City Hall 32 Market Square, Knoxville, TN, United States

Attendees (14)