TaintSpot: Practical Taint Analysis and Exploit Generation for Java

Presented at DeepSec 2020 „The Masquerade“

According to the Common Vulnerabilities and Exposures (CVE) organization, fewer than 1,600 vulnerabilities in software systems were reported in 1999. By 2019 the same organization's count had grown to nearly 100,000, roughly 60 times higher. Faced with this ever-growing number of vulnerabilities, security experts have neither the time nor the resources to analyze, detect, and fix these issues promptly and accurately, which gives cybercriminals an extraordinary opportunity to exploit zero-day vulnerabilities and carry out successful attacks.

Practical, scalable, and precise security tools that perform genuine, in-depth analysis of real-world software are therefore an indispensable requirement for today's cybersecurity situation. A useful security analysis tool should identify zero-day vulnerabilities, exploits, and previously unseen attacks in real-world software quickly and precisely, before attackers exploit them. It should also be easy to use and deploy, cost-effective, and produce few false positives and false negatives.

With these requirements in mind, this work introduces a practical framework for effective security testing and automatic exploit generation for real-world software that requires neither source code nor debugging information. We focus on the Java ecosystem because of its prevalence and extensive impact on enterprise software systems, web applications, and the Android ecosystem. The proposed framework, called "TaintSpot", can be deployed without special firmware modifications or root privileges on a range of hardware (e.g., x86, ARM) and standard operating systems (e.g., Linux, Windows, and FreeBSD).
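The abstract names the two properties a taint analysis must balance, low false positives and low false negatives, without showing what a dynamic taint tracker actually does at the bytecode level. The following is an added illustration, not TaintSpot's code or any code from the talk: a toy stack-machine interpreter over a JVM-like instruction list that attaches taint labels to values produced by an untrusted source (`HttpServletRequest.getParameter`), propagates them through `String.concat`, clears them at a sanitizer, and reports a finding when a tainted value reaches a dangerous sink (`Runtime.exec`). The opcode names, the source/sink/sanitizer lists, the two sample programs and the request input are all constructed for the example; the sanitizer is assumed to be correct for the shell sink, which is exactly the assumption a real tool must verify to avoid false negatives.

```python
"""Toy dynamic taint tracker over a JVM-like stack bytecode (constructed example)."""
from dataclasses import dataclass

# Assumed source/sink/sanitizer model; a real tool derives these from a policy file.
SOURCES = {"HttpServletRequest.getParameter"}
SINKS = {"Runtime.exec"}
SANITIZERS = {"Sanitizer.escapeShellArg"}


@dataclass
class Value:
    data: str
    taint: frozenset = frozenset()  # labels of the sources this value derives from


@dataclass
class Finding:
    sink: str          # sink method that received tainted data
    sources: frozenset  # source labels that flowed into it
    pc: int            # instruction index of the sink call
    value: str         # concrete string the sink received (the witness input)


def escape_shell_arg(s: str) -> str:
    """Assumed sanitizer: single-quote the argument so ';' loses its meaning."""
    return "'" + s.replace("'", "'\\''") + "'"


def run(program, inputs):
    """Execute `program` (list of (opcode, arg)) against request `inputs`.

    Returns the list of Findings, i.e. every sink call whose arguments carry
    taint from an untrusted source. Taint is a set of labels so that a single
    finding can name every source that contributed to the sink argument.
    """
    stack, local_vars, findings = [], {}, []
    for pc, (op, arg) in enumerate(program):
        if op == "ldc":              # push a constant: trusted, untainted
            stack.append(Value(arg))
        elif op == "astore":         # pop into a local variable slot
            local_vars[arg] = stack.pop()
        elif op == "aload":          # push a local variable slot
            stack.append(local_vars[arg])
        elif op == "invoke":
            name, nargs = arg
            args = [stack.pop() for _ in range(nargs)][::-1]  # restore call order
            taint = frozenset().union(*(a.taint for a in args))
            if name in SOURCES:
                # Attacker-controlled value enters here; label it with where it came from.
                param = args[0].data
                label = f"{name}({param})@{pc}"
                stack.append(Value(inputs.get(param, ""), frozenset({label})))
            elif name in SINKS:
                if taint:
                    findings.append(Finding(name, taint, pc, args[0].data))
                stack.append(Value(""))  # sink result is modelled as untainted
            elif name in SANITIZERS:
                # Sanitizer output is trusted: taint is dropped. This is the
                # policy decision that decides false positives vs. false negatives.
                stack.append(Value(escape_shell_arg(args[0].data)))
            elif name == "String.concat":
                # Taint propagates through string operations: union of inputs.
                stack.append(Value(args[0].data + args[1].data, taint))
            else:
                raise ValueError(f"unmodelled call {name} at pc={pc}")
        else:
            raise ValueError(f"unknown opcode {op} at pc={pc}")
    return findings


# Constructed programs, roughly what javac would emit for
#   Runtime.exec("ping -c 1 " + request.getParameter("host"))
VULNERABLE = [
    ("ldc", "host"),
    ("invoke", ("HttpServletRequest.getParameter", 1)),
    ("astore", 1),
    ("ldc", "ping -c 1 "),
    ("aload", 1),
    ("invoke", ("String.concat", 2)),
    ("invoke", ("Runtime.exec", 1)),
]

# Same program with the parameter passed through the sanitizer first.
SANITIZED = VULNERABLE[:5] + [
    ("invoke", ("Sanitizer.escapeShellArg", 1)),
    ("invoke", ("String.concat", 2)),
    ("invoke", ("Runtime.exec", 1)),
]

# Constructed request: a command-injection payload in the "host" parameter.
INPUTS = {"host": "127.0.0.1; id"}


if __name__ == "__main__":
    for label, prog in (("vulnerable", VULNERABLE), ("sanitized", SANITIZED)):
        for f in run(prog, INPUTS):
            print(f"{label}: {f.sink} at pc={f.pc} reached by {sorted(f.sources)} "
                  f"with argument {f.value!r}")
        if not run(prog, INPUTS):
            print(f"{label}: no tainted sink calls")
```

The `value` field of each finding is the concrete string that reached the sink under the constructed input, which is the seed an exploit-generation step would start from; the sanitized variant yields no finding because the taint label is dropped at the sanitizer, so whether that is a correct negative or a false negative depends entirely on whether the sanitizer model matches the sink.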

Presenters:

  • Dr. -Ing. Mohammadreza Ashouri - University of Potsdam
    Mohammadreza Ashouri holds a Ph.D. in Software Security and is particularly interested in program analysis, the design of secure compilers, and program fuzzing. He has also published on the design of cryptographic algorithms, blockchain security testing, and web privacy. He has worked as a cybersecurity analyst and researcher at CISPA (Helmholtz Center for Information Security) and at the University of Potsdam, and is the founder of PersimmonWeb, a software development startup. Mohammadreza Ashouri lives in Berlin and enjoys cycling, photography, writing, and creating electronic music. More information is available on his webpage, and he welcomes direct contact.
