The automatic exploitation of vulnerabilities has long been a holy grail for software security.
However, even manual exploitation by experienced security analysts and researchers has become ever more challenging due to the increased complexity of software systems and the introduction of security defenses.
In this keynote, we will orient ourselves on where we are on the path to automatically "popping root shells with theorems."
We will recap the DARPA Cyber Grand Challenge, a competition organized by the United States' Defense Advanced Research Projects Agency, in which competitors were required to develop and implement a self-contained system that automatically finds, patches, and exploits vulnerabilities in software, and which spurred research on automatic exploitation because of its high stakes.
We will look into the automatic exploitation system that Shellphish fielded in the DARPA Cyber Grand Challenge (CGC), the Mechanical Phish, which exploited more binary executables than any other team's system in the CGC's final event.
Finally, we will learn what research came after the DARPA Cyber Grand Challenge, what the limitations of current approaches are, and which challenges we need to tackle next.
Kevin Borgolte is a postdoctoral research scientist at Princeton University in the Department of Computer Science and the Center for Information Technology Policy.
His research interests span system, software, and network security, currently focused on large-scale Internet abuse, protocol security, and security misconfigurations.
He is a member of the Shellphish Capture the Flag team, and he won third place overall, first place academic, and first place self-funded in the DARPA Cyber Grand Challenge (CGC) with his colleagues from Shellphish.
Kevin holds a PhD in Computer Science from the University of California, Santa Barbara.