Cybersecurity Lecture Series Kangjie Lu

Things to do
Cybersecurity Lecture Series   Kangjie Lu
More Less
Cybersecurity Lecture Series Kangjie Lu says
Location: Klaus Advanced Computing Building, KACB Room 1116-W, 266 Ferst Dr., Atlanta, GA

Meet academic and industry leaders for intimate discussions about new cyber threats, trends and technologies.
The Cybersecurity Lecture Series is a free, open-to-the-public lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from private companies, government agencies, start-up incubators as well as Georgia Tech faculty and students presenting their research.

Held weekly each Friday at Noon through Apr. 21, lectures are open to all -- students, faculty, industry, government, or simply the curious. Graduate students may register for credit under seminar course CS-8001-INF.

Complimentary lunch provided for registered guests. Please bring your own beverage.

Featuring Kangjie Lu on Feb. 3, 2017
"Defeating Advanced Memory-Error Exploits by Preventing Information Leaks"

ABSTRACT | Widely used systems such as operating systems (OS) are implemented in unsafe programming languages for efficiency. Hence, these foundational systems inherently suffer from a variety of memory errors, and the exploitation of memory errors has become a critical attack vector. The past several years have continuously witnessed critical attacks targeting systems belonging to individuals, enterprises, and government agencies. Two typical goals of these attacks are to leak sensitive data and to control victim systems.

In this talk, I will first present that since modern systems widely deploy memory-layout randomization techniques, leaking a randomized code pointer has become a prerequisite for advanced control attacks such as code-reuse attacks. Therefore, preventing information leaks can be a general defense that not only stops data leaks but also defeats control attacks. Then, I will present two systems I developed, UniSan and ASLR-Guard. While UniSan completely eliminates information leaks caused by reading uninitialized variables (the most common cause) in OS kernels, ASLR-Guard either prevents code-pointer leaks or renders the leaks useless in deriving the value of code pointers. Both UniSan and ASLR-Guard impose negligible performance overhead to the secured complex systems such as OS kernels and web servers.

BIO | Kangjie Lu is a Ph.D. candidate in the School of Computer Science at Georgia Tech. His research interests include security and privacy, programming languages, and operating systems. He is particularly interested in automatically uncovering and addressing fundamental security problems, and securing widely used systems while preserving their reliability and efficiency. During his Ph.D. study, he worked as an intern at NEC Labs America and Samsung Research America, and as a visiting scholar at the Max Planck Institute for Software Systems (MPI-SWS).
More Less

By: College of Computing at Georgia Tech

2 people listening