A filesystem attack vector for backdoors, rowhammer-like attacks, and more
Anil Kurmus IBM Research, Zurich Tuesday, October 23, 2018 @ 3:15 pm BC 02 Hosted by: Prof. Mathias Payer
Abstract
In this talk, we will see how a seemingly simple filesystem trick, manipulation of indirect block pointers, can be used in two (and possibly more) attacks. The first attack is for a backdoor that allows persistence on a machine without resorting to modifying binaries or configuration files on the system. A live demo will be shown. The second attack is in the context of our WOOT paper, where we show a filesystem-level attack vector for rowhammer-like attacks on Flash.
Biography
Anil Kurmus is a security researcher at the IBM Research Zurich laboratory. His interests are mainly on systems security, software security, storage systems, and applied cryptography, both in terms of offensive and defensive research. He holds a PhD degree (Dr.-Ing) from Technische Universitat Braunschweig (2014), and a Master’s degree (Diplome d’Ingenieur) from Telecom ParisTech (2009). His work, often in collaboration with excellent students visiting IBM Research, has been published in top conferences such as CCS, NDSS and ACSAC and he is the author of several patents on systems security.