Presented at
Black Hat Asia 2019,
March 28, 2019, 3:30 p.m.
(60 minutes).
Rowhammer attacks can break the MMU-enforced memory protection to achieve privilege escalation, without requiring any software vulnerability. To mitigate such an attack, numerous software-only countermeasures have been proposed.
In this talk, we will present a novel exploit that is able to effectively break the most advanced rowhammer defense. The exploit allows an unprivileged user application to gain both root and kernel privileges. Further, the exploit is stealthier and more efficient compared to existing rowhammer exploits.
To demonstrate the effectiveness of the exploit, we will show live demos of two successful attacks on a real system. One is to gain the root privilege and the other is to gain the kernel privilege.
Finally, we offer possible mitigations against our proposed exploit, and call for more parties to join in this effort to enhance the system security.
Presenters:
-
Yueqiang Cheng
- Staff Security Scientist, Baidu USA
Yueqiang Cheng is a Staff Security Scientist at Baidu USA X-Lab. His research interests focus on System Security (e.g., SGX, Virtualization), Blockchain Security, and Autonomous Driving Security.
-
Zhi Zhang
- PhD Student, Data61, CSIRO, Australia
Zhi Zhang is a PhD student in the School of Computer Science and Engineering at the University of New South Wales. His research interests are in the areas of system security and virtualization. He received his undergraduate degree from Sichuan University in 2011 and his master's degree from Peking University in 2014.
-
Surya Nepal
- Professor, Data61, CSIRO, Australia
Dr. Surya Nepal is a Principal Research Scientist at CSIRO Data61, Australia. His main research interest is in the development and implementation of technologies in the area of distributed systems including Web Services, Cloud Computing and Internet-of-Things, with a specific focus on security, privacy and trust. He received his PhD degree from RMIT University, Australia in 2000.
-
Zhi Wang
- Associate Professor, Florida State University
Zhi Wang is an associate professor in the Department of Computer Science at the Florida State University. He has broad research interests in security with a focus on the systems security, particularly, operating systems/virtualization security, software security, and mobile security
Links:
Similar Presentations: