Loading…
Wednesday, August 21 • 12:00pm - 12:30pm
It's Coming From Inside the House: Kernelspace Fault Injection with KRF - William Woodruff, Trail of Bits*

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Fault injection (FI) has become an increasingly popular software testing method, with major players like Netflix, Microsoft, and Google using automated failures to test the end-to-end resiliency of their (geographically, functionally) distributed services.

In this talk, William Woodruff presents a lower-level, vulnerability-first approach: by randomly inducing errors in the system calls made by (targeted) programs, fault injection can be used to discover incorrect and potentially dangerous assumptions. This talk will cover specific classes of dangerous assumptions and their potential for exploitation, all motivated by KRF, a kernelspace fault injector open-sourced by Trail of Bits.

Speakers
WW

William Woodruff

Security Engineer, Trail of Bits
William contributes to the engineering and research practices at Trail of Bits in work for corporate and governmental clients. He has developed several of our open-source projects (e.g., KRF, twa, winchecksec, Sienna Locomotive, and pe-parse with Alessandro). Outside of the company... Read More →



Wednesday August 21, 2019 12:00pm - 12:30pm
Sapphire D
  • Session Slides Included Yes