11:15 AM on Friday, October 5, 2012
Location: Lavery Hall 340
Senior security research lead at Cyber Innovation Unit, Battelle Memorial Institute
Cyber security has boomed over the last decade because of several factors including:
• Increasing complexity of hardware/software systems
• Explosion of Internet-connected devices, usage and e-business activities
• Criminal activities seeking money-making opportunities
• State- and non-state-sponsored activities seeking information
Once a small event hosted by a group of underground hackers, Black Hat® has evolved into a focal point for cyber security businesses with sponsorship by many Fortune 500 companies. With states behind many cyber security activities, computer and network defense, attacks (vulnerabilities/exploitations) and analytics are hot areas in the field.
Practical problems require fundamental research to solve. In this presentation, we review important milestones in the arms race between cyber security offense and defense, and look into how game-changing research has helped shape the current state of cyber security. On the defense side, we examine in detail how Non-Executable (NX) memory and Address Space Layout Randomization (ASLR) have been built into commercial products and effectively raised the bar of system defense. Conversely, we describe how attackers adapted to these defensive techniques using Return-Oriented Programming (ROP) and information leakage. We show how some new analytical techniques (such as binary taint analysis and symbolic execution), rooted in academic research, are double-edged swords that impact both offense and defense. While analyzing these techniques, we point out open questions for existing research and look ahead at the challenges presented by diversified computing devices and environments, including mobile, embedded systems, desktops and clouds. We conclude with our solutions to the cross-platform analysis problems.
Speaker bio: Nathan (Lixin) Li, senior security research lead at the Cyber Innovation Unit of Battelle Memorial Institute, leads the research of cross-platform binary analysis and the development of automated security applications, including vulnerability analysis, exploit generation automation, an automated reverse engineering environment and malware analysis. His extensive research and implementation experience covers software defense, offense and analytics, spans layers from web applications and the OS to the microprocessor, and crosses platforms from x86-based desktops and PowerPC/MIPS-based routers/switches to ARM-based mobile devices. His most recent work includes researching and developing a Cross-platform Binary Automated Symbolic-execution System (CBASS) using heavyweight taint analysis and concrete-symbolic execution. In the last decade, he has architected low-level memory management systems for large-scale commercial products and, since 2005, has led several DARPA-sponsored security research projects. He researched and implemented an ASLR solution on Windows binaries from the kernel to provide host protection, years before ASLR found its way into the Windows OS. He applied and extended lightweight taint-inference research to protect web and binary applications alike. Nathan previously worked as a principal research engineer at BAE AIT, where his focus was scalable security analysis automation for large systems and generalized binary taint analysis. He holds an M.S. degree in Computer Science from Oregon State University and owns US patents.