Topic of presentation: Comprehensive analysis of the exploitation of heap usage based memory corruption (Regular Talk)
Protecting software against the exploitation of its vulnerabilities is one of the greatest challenges in the cybersecurity field today. In the unfavourable case, an attacker can make the vulnerable software run harmful code on the operating system. Several types of software errors are already known; most of them stem from missing validation of input data, inappropriate data type conversion, or abnormal usage of objects.
The number of software errors related to dynamic object allocation and release has been increasing. Exploitation of such vulnerabilities affects the memory heap. Where the memory corruption is stack based, the exploitation involves less uncertainty, since the relative position of the attacking code can be mapped and set. However, in exploitations based on the invalid usage of objects, the attacking code is placed in the heap (in multiple copies, in general), so the exploitation depends on the current state of the heap. For these reasons the proper execution of the attacking code involves several uncertainties.
In the past few years several heap based software error exploitations have come to light, and several solutions have been created for detecting and preventing them. The presentation will discuss the different allocation methods of the current main heap implementations (e.g. the low fragmentation heap) and the different exploitation techniques (e.g. use after free). These will be demonstrated through the analysis of existing software vulnerabilities.
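As an added illustration (not part of the abstract or the presentation's material) of the "invalid usage of objects" bug class named above, the constructed C snippet below shows a minimal use-after-free pattern next to a hardened variant that nulls the pointer on release and refuses a second use; the session object and its callback are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example: a session object carrying a function pointer
   that a later code path invokes after the object was released. */
typedef struct {
    char name[16];
    void (*on_close)(const char *);
} session_t;

static void default_close(const char *n) { printf("closing %s\n", n); }

/* Vulnerable pattern: the caller keeps using a pointer after free().
   Not executed by the test: the dereference is undefined behaviour and
   its outcome depends on allocator state, which is exactly the
   uncertainty the abstract describes for heap based corruption. */
void vulnerable_flow(void) {
    session_t *s = malloc(sizeof *s);
    if (!s) return;
    strcpy(s->name, "alice");
    s->on_close = default_close;
    free(s);
    s->on_close(s->name);   /* use after free: dangling pointer dereference */
}

/* Hardened pattern: release only through a helper that clears the
   caller's pointer, and check for NULL before every later use. */
#define SESSION_FREE(pp) do { free(*(pp)); *(pp) = NULL; } while (0)

int session_close(session_t **pp) {
    if (*pp == NULL) return -1;   /* already released: reject, do not deref */
    (*pp)->on_close((*pp)->name);
    SESSION_FREE(pp);
    return 0;
}

/* Returns 0 when the first close succeeds and the second is rejected. */
int hardened_flow(void) {
    session_t *s = malloc(sizeof *s);
    if (!s) return -2;
    strcpy(s->name, "alice");
    s->on_close = default_close;
    int first = session_close(&s);    /* 0: closed, pointer nulled */
    int second = session_close(&s);   /* -1: double use safely refused */
    return (first == 0 && second == -1) ? 0 : 1;
}
```

Building the vulnerable variant with a memory error detector such as AddressSanitizer reports the dangling dereference at the marked line; the hardened variant turns the same mistake into a checked error code.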