Date: 04 December 2019 Time: 14:00-15:00
Location: "Stelios Orphanoudakis" Seminar Room, FORTH, Heraklion, Crete
Host: Prof. Evangelos Markatos
Computer systems, driven by software, help run our society in an unprecedented degree, making software security of critical importance today more than ever. Despite the inception and broad adoption of defenses that make software exploitation hard, attacks have also evolved to a new level of sophistication, combining multiple vulnerabilities to circumvent defenses and compromise systems. In this talk, I will present our work on improving the security, and hardening the exploitation, of binary software, which can be found in many security-critical settings where commercial or legacy software is used. Our work focuses on reducing the attack surface of applications and facilitating the deployment of state-of-the-art defenses by removing unused code and unwanted functionality. We achieve this by targeting the bloat in modern applications, which is a result of the continuous addition of features (aka feature creep), as well as the over-generalization and accumulation of functionality in libraries. We built multiple systems that use static and dynamic analysis to pin-point and eliminate such bloat. Our evaluation with real-world applications and benchmarks shows that 56% and 82% of library code, respectively, remains unused, which we exploit to accelerate a state-of-the-art defense system. Moreover, preliminary work has shown that we can correctly identify unwanted functionality activated by user inputs and disable it without catastrophically disrupting application execution.
Georgios Portokalidis is an Associate Professor in the Department of Computer Science at Stevens Institute of Technology. He obtained his PhD in Computer Science from Vrije Universiteit Amsterdam on February 2010, while he also holds an MSc and BSc in Computer Science from Leiden University and University of Crete, respectively. His research interests are mainly around the area of systems and security. In the past, he has worked on software security, honeypots, taint analysis, analysis of binary software, run-time and compile-time software instrumentation, control-flow integrity, code-reuse attacks, Tor, and user authentication. He has authored numerous papers published in the proceedings of some of the most influential security and systems conferences, and he has been involved in several projects funded by the EU, DARPA, IARPA, ONR, and NSF.