1、#BHUSA BlackHatEventsStop!Sandboxing Exploitable Stop!Sandboxing Exploitable Functions and ModulesFunctions and ModulesUsing InUsing In-Kernel Machine LearningKernel Machine LearningPresenter:Qinrun DaiContributors:Zicheng Wang,Tiejin Chen,Yueqi Chen,and Hua Wei#BHUSA BlackHatEventsAbout us3535Qinru
2、n DaiPhD StudentUniversity of Colorado,BoulderZicheng WangPhDNanjing UniversityTiejin ChenPhD StudentArizona State UniversityYeuqi ChenAssistant ProfessorUniversity of Colorado,BoulderHua WeiAssistant ProfessorArizona State University#BHUSA BlackHatEventsAgenda MotivationRisky Time Window in Kernel
3、DevelopmentExisting Solutions and LimitationsChallenges of On-the-Fly Solution Challenges&Design Overview Example Workflow by CVE-2022-0995&Video Demo Technical Details Evaluation3636Tool is available at:https:/ is available at:https:/arxiv.org/abs/2401.05641#BHUSA BlackHatEventsRisky Time Window in
4、 Kernel Development3737#BHUSA BlackHatEventsRisky Time Window in Kernel Development3838Linux Kernel Development Timeline#BHUSA BlackHatEventsRisky Time Window in Kernel Development3939VulnerabilityIntroductionLinux Kernel Development Timeline#BHUSA BlackHatEventsRisky Time Window in Kernel Developme
5、nt4040VulnerabilityDiscoveryVulnerabilityIntroductionLinux Kernel Development Timeline#BHUSA BlackHatEventsRisky Time Window in Kernel Development4141VulnerabilityDiscoveryVulnerabilityIntroductionUpstream PatchMergingLinux Kernel Development TimelineDevelopers:analyze bugs,develop and test patches#
6、BHUSA BlackHatEventsRisky Time Window in Kernel Development4242VulnerabilityDiscoveryVulnerabilityIntroductionPatch Deploymentin DistrosUpstream PatchMergingLinux Kernel Development TimelineDevelopers:analyze bugs,develop and test patches#BHUSA BlackHatEventsRisky Time Window in Kernel Development43