Ever since the large-scale exploitation of software vulnerabilities became a massive nuisance in this decade, researchers from academia and the private sector have invented technical countermeasures to mitigate this threat. To outsmart increasingly sophisticated defensive systems, more intelligent attack techniques have been developed. In the field of kernel protection, several new solutions based on the concept of lifetime code integrity have recently been introduced; these prevent attackers from executing their own code with elevated privileges. The talk shows how such protections can be evaded using return-oriented programming and discusses the inherent difficulties and limitations attackers face. Our work culminates in the development of a real return-oriented rootkit for Windows.