Ben Hawkes
April 15, 2016 at 12:00 PM in 380 Soda Hall
Title:What makes software exploitation hard?
Abstract: In 2014, Google created a new security research team called Project Zero. The team has a simple mission - "make software exploits hard". To achieve this goal we use in-house attack research to improve software and design new defenses. This talk introduces the background and history of Project Zero, describes some of the research that Project Zero has performed, and highlights some of the technologies that have made vulnerability discovery and exploitation fundamentally harder in recent years.
Bio: Ben Hawkes is a founding member of Google's "Project Zero" security research team. As a researcher, Ben has discovered dozens of serious vulnerabilities across a number of different software platforms (including Android, Linux, and Windows). He has regularly presented and published research focused on vulnerability analysis and software exploitation, such as novel heap exploitation techniques on Windows. Prior to Project Zero, Ben worked for four years on the security of Google's products and infrastructure, with a particular interest in virtualization and sandboxing.