This event has ended. Create your own event → Check it out
This event has ended. Create your own
Columbia University’s Data Science Institute Presents:

Authors/Collaborators are listed in alphabetical order.

View analytic
Wednesday, April 6 • 2:00pm - 4:30pm
Shuffler: Continuous Code Layout Randomization [D6]

Sign up or log in to save this to your schedule and see who's attending!

Many programs are vulnerable to code-reuse attacks, where their own code is stitched together to form a malicious exploit (known as Return-Oriented Programming or ROP). Recently, Just-In-Time ROP attacks have been described which dynamically discover a target program's code, so even if it is randomized differently every time it runs, ROP can still be performed. We present Shuffler, the first comprehensive re-randomization technique that continuously changes the layout of code in memory as it runs. This process is self-hosting, and the code which implements the migration is itself re-randomized. Shuffler defines a time window -- as short as 100ms -- within which a ROP attacker must gather information, compile, and execute their exploit. This extra time dimension will confound most existing attacks.

Demo/Poster Presenter
avatar for David Williams-King

David Williams-King

PhD Candidate in Computer Science, Columbia Engineering
David is a PhD student at Columbia University advised by Junfeng Yang, Simha Sethumadhavan, and Roxana Geambasu. His interests include security and operating systems, compilers, and speech recognition. He currently researches randomization-based techniques to defeat code reuse attacks, and the practicality of such defenses. | | David graduated from the University of Calgary in 2012 and obtained a master's degree in 2014 from the University... Read More →
avatar for Michelle Zheng

Michelle Zheng

Undergraduate Student in Computer Science and Economic, Columbia College
Michelle is an undergraduate student studying Computer Science and Economics.  She is assisting David Williams-King with his research project, the Shuffler. Michelle’s interests include security, compilers and 3-D user interface design. Michelle is graduating from Columbia College in May 2016.  She worked at Goldman Sachs in the Credit Risk Technology department in the summer of 2015. She has also received awards at HackMIT and... Read More →

Wednesday April 6, 2016 2:00pm - 4:30pm
Roone Arledge Auditorium Lerner Hall, Columbia University 2920 Broadway, New York, NY 10040

Attendees (1)