The challenge: New attack scenarios as part of growing connectivity
More and more devices and systems can now be reached through the Internet and other networks, exposing them to direct attacks. This creates challenges for many companies to appropriately secure their systems and protect themselves against possible hacker attacks. Despite the protection mechanisms currently available (e.g. non-executable storage regions, ran-domization of addresses or stack cookies inserted by the compiler), weaknesses in applications are still being successfully exploited. This poses the question of how these protection mechanisms can be circumvented by the attackers.
The solution: Understanding and predicting binary exploitation from the viewpoint of hackers
As part of this seminar, participants will discover the approaches used by hackers in order to be better prepared for such attacks. The main focus of this seminar is the field of binary exploitation: for example, how programming errors in C code can be exploited to inject and execute external code. As part of this, the question of how effective the system and compiler protection mechanisms are, and how and in what circumstances attackers can circumvent such protection, is answered.