September 15 - 16, 2022 | Dublin, Ireland + Virtual
View More Details & Registration Information
Note: The schedule is subject to change.

Please note all session times are listed in Irish Standard Time (IST), UTC +1.
To view the schedule at your preferred time, please choose your location on the right-hand navigation panel under ’Timezone.’

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Linux Security Summit Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Back To Schedule
Thursday, September 15 • 11:15 - 12:00
HotBPF - An On-demand and On-the-fly Memory Protection for the Linux Kernel - Yueqi Chen, University of Colorado Boulder & Zhenpeng Li, Northwestern University

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Oftentimes there can be a large window between a kernel vulnerability disclosure and its remediation, leaving the system open for exploitation. In this talk, we will present the design of a mechanism that can protect the Linux kernel from memory exploitation during this time window. In addition to this, this protection has the following extra advantages: 1) enabled on-the-fly without recompiling/rebooting the system. 2) independent of hardware features and hypervisor - can be widely deployed in various scenarios (e.g., embedded systems and cloud servers). 3) lightweight - overall 2% - 3% performance overhead. In this talk, we will describe the design and evaluation of this protection. We will start from its static analysis part which identifies vulnerable structures (i.e., where corruption happens) that need separation. Then, we will describe how we extend the eBPF mechanism and virtual memory allocator to isolate vulnerable structures on-the-fly and thus avoid overwriting/overreading sensitive kernel data. Finally, we will systematically evaluate the protection's performance at different levels of granularity and measure its security improvement using a set of real-world attacks.


Yueqi Chen

Assistant Professor, University of Colorado Boulder
Yueqi Chen is an Assistant Professor in the Department of Computer Science at the University of Colorado Boulder. He was awarded the IBM Ph.D. Fellowship 2020-2022. In general, his research focuses on system security and software security. He is particularly interested in developing... Read More →

Zhenpeng Li

Ph.D. Student, Northwestern University
Zhenpeng Lin is a Ph.D. student at Northwestern University, advised by Dr. Xinyu Xing. His research focuses on OS exploitation and defense. He loves hacking in the real world. As an exploiter, He has demonstrated many Linux kernel exploitation on Google's products (COS) on KCTF VRP... Read More →

Thursday September 15, 2022 11:15 - 12:00 IST
Liffey A (Level 1)