Loading…
CanSecWest 2021 has ended
Back To Schedule
Wednesday, April 28 • 12:00pm - 1:00pm
KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.


The monolithic nature of modern OS kernels leads to a constant stream of bugs being discovered. It is often unclear which of these bugs are worth fixing, as only a subset of them may be serious enough to lead to security takeovers (i.e., privilege escalations). Therefore, researchers have recently started to develop automated exploit generation techniques (for UAF bugs) to assist the bug triage process. In this project, we investigate another top memory vulnerability in Linux kernel — out-of-bounds (OOB) memory write from heap.

Watch here.

Zhiyun Qian
Zhiyun Qian is the Everett and Imogene Ross associate professor in the CSE department at the University of California Riverside. His main research interests are in the area of system and network security, including vulnerability discovery, side channel analysis, applied program analysis, system building, and measurement of real-world security problems. He is a recipient of the ACM CCS distinguished paper award in 2020, Applied Networking Research Prize from IRTF in 2019, NSF CAREER Award in 2017, Facebook Internet Defense Prize Finalist in 2016, and the most creative idea award from Geekpwn 2016.


Speakers
avatar for Zhiyun Qian

Zhiyun Qian

Associate Professor, University of California, Riverside
Zhiyun Qian is the Everett and Imogene Ross associate professor in the CSE department at the University of California Riverside. His main research interests are in the area of system and network security, including vulnerability discovery, side channel analysis, applied program analysis... Read More →


Wednesday April 28, 2021 12:00pm - 1:00pm PDT
AirMeet/gather.town secwest.net