|
All Events
Connect to this calendar
 RSS
|
|
|
 March 5, 2012
| Time: | 11 a.m.-noon |
| Description: | The Center for Information Assurance and Security presents "Iago Attacks: Why The System Call API Is a Bad Untrusted RPC Interface," a talk by Hovav Shacham of the Department of Computer Science and Engineering at the University of California, San Diego.
In recent years, researchers have proposed systems for running trusted code on an untrusted operating system. Protection mechanisms deployed by such systems keep a malicious kernel from directly manipulating a trusted application's state. Under such systems, the application and kernel are, conceptually, peers, and the system call API defines an RPC interface between them. Shacham and collaborator Stephen Checkoway introduce Iago attacks, attacks that a malicious kernel can mount in this model. They show how a carefully chosen sequence of integer return values to Linux system calls can lead a supposedly protected process to act against its interests, and even to undertake arbitrary computation at the malicious kernel's behest. |
| Location: | Applied Computational Engineering & Sciences Building (ACE), Avaya Auditorium 2.302 |
| URL: | More about this event... |
| Contact: | Melinda D Aleshire | 512-232-7891 |
| Sponsor: | Vitaly Shmatikov & Center for Information Assurance and Security |
| Admission: | Free |
| Categories: | Colloquium, Everyone, Lecture/talk |
 Print |
 Download |
 E-mail |
 Bookmark
|
|
|
Resources for People