Speculative execution attacks as the future of memory error exploitation
Join us for our upcoming Future Computing Seminar Series
Speaker: Dr. Anil Kurmus, IBM Research
Date: November 24th, 2021, 11:00 CET
Where: HG J 91
Abstract:
Spectre and Meltdown are the first of numerous transient attacks, which demonstrate that subtle CPU design and implementation issues can result in real-world attacks, leaking sensitive information from systems. In this talk, we first introduce Spectre attacks, draw parallels with memory corruption, and argue that a similar challenge to achieving memory safety awaits system and software researchers in designing efficient solutions to speculative execution attacks. We then focus on one recent work, SPEAR, which demonstrates that speculative execution can be used to turn unexploitable memory corruption vulnerabilities into information leaks. In particular, we show that memory error mitigations such as stack canaries can be bypassed with speculative execution attacks.
Speaker Bio:
Dr. Anil Kurmus is a security researcher at the IBM Research Zurich laboratory. His interests are mainly in systems security, software security, operating systems, and CPU microarchitecture, in terms of both offensive and defensive research. He holds a PhD degree (Dr.-Ing.) from Technische Universität Braunschweig (2014) and a Master's degree (Diplôme d'Ingénieur) from Télécom Paris (2009). Since 2019, he has been sub-theme lead at IBM Research, leading various challenges working on system security. His work has received an ACSAC best paper award and has been published in major systems security conferences, where he has also been a member of the program committees (such as ACM CCS 21, IEEE S&P 22, USENIX Security 21/22). He is also the author of several patents on systems security.