Catching Shellcodes under ARM
Authors: Svetlana Gayvoronskaya and Ivan Petrov
Over the last years the ARM platform became very popular, and the software of ARM devices may contain memory vulnerabilities, which can be exploited via shellcodes. Despite there are many tools for shellcodes detection, most of them are for the x86 platform. This research is an attempt to fill in this gap. The speakers will analyze the applicability of the existing identification methods to ARM and consider possible heuristics for the detection of shellcodes written for this platform.
Svetlana Gayvoronskaya is a former member of the CTF team Bushwhackers. Her interest in shellcodes resulted in presenting at DEFCON, BlackHat, NOPCon and three times at RusCrypto. Her passion for having a hands-on experience with “big systems” lead to a four months project with Microsoft Research on automated detection of malicious tenants in cloud infrastructures. Currently Svetlana works on her thesis on shellcodes detection.
Ivan Petrov is a student and member of Bushwhackers. He researches the possibilities of ARM devices, writes Metasploit modules. Already has published in a topical university articles collection and spoke at RusCrypto.