《停止!使用内核机器学习对可利用的函数和模块进行沙箱隔离.pdf》由会员分享,可在线阅读,更多相关《停止!使用内核机器学习对可利用的函数和模块进行沙箱隔离.pdf(82页珍藏版)》请在三个皮匠报告上搜索。
1、#BHUSA BlackHatEventsStop!Sandboxing Exploitable Stop!Sandboxing Exploitable Functions and ModulesFunctions and ModulesUsing InUsing In-Kernel Machine LearningKernel Machine LearningPresenter:Qinrun DaiContributors:Zicheng Wang,Tiejin Chen,Yueqi Chen,and Hua Wei#BHUSA BlackHatEventsAbout us3535Qinru
2、n DaiPhD StudentUniversity of Colorado,BoulderZicheng WangPhDNanjing UniversityTiejin ChenPhD StudentArizona State UniversityYeuqi ChenAssistant ProfessorUniversity of Colorado,BoulderHua WeiAssistant ProfessorArizona State University#BHUSA BlackHatEventsAgenda MotivationRisky Time Window in Kernel
3、DevelopmentExisting Solutions and LimitationsChallenges of On-the-Fly Solution Challenges&Design Overview Example Workflow by CVE-2022-0995&Video Demo Technical Details Evaluation3636Tool is available at:https:/ is available at:https:/arxiv.org/abs/2401.05641#BHUSA BlackHatEventsRisky Time Window in
4、 Kernel Development3737#BHUSA BlackHatEventsRisky Time Window in Kernel Development3838Linux Kernel Development Timeline#BHUSA BlackHatEventsRisky Time Window in Kernel Development3939VulnerabilityIntroductionLinux Kernel Development Timeline#BHUSA BlackHatEventsRisky Time Window in Kernel Developme
5、nt4040VulnerabilityDiscoveryVulnerabilityIntroductionLinux Kernel Development Timeline#BHUSA BlackHatEventsRisky Time Window in Kernel Development4141VulnerabilityDiscoveryVulnerabilityIntroductionUpstream PatchMergingLinux Kernel Development TimelineDevelopers:analyze bugs,develop and test patches#
6、BHUSA BlackHatEventsRisky Time Window in Kernel Development4242VulnerabilityDiscoveryVulnerabilityIntroductionPatch Deploymentin DistrosUpstream PatchMergingLinux Kernel Development TimelineDevelopers:analyze bugs,develop and test patches#BHUSA BlackHatEventsRisky Time Window in Kernel Development43