Labyrinth, an effective way to foil code injection attacks

Ray Heasman, Technology Group Northwest

Ray Heasman of Technology Group Northwest will present Labyrinth, a new way to foil heap smashes, buffer overflows, and related remote code injection attacks. Labyrinth can also protect multiple processes on the same CPU from each other. No certificates are used and no trust is required between any parties. The concept is applicable to supercomputers, PC's and even single chip micro-controllers without MMUs. The performance impact is negligible and very little programming effort is required to reap the security benefits.

Labyrinth is an architectural feature. CPUs with Labyrinth built-in are backward compatible with existing designs at the levels of operating systems, software, and board layouts. This talk will fully describe the working details of Labyrinth.


Mr. Heasman has worked at every level of electronic system design, from VHDL to circuit design and layout to application development. He has written an embedded realtime microkernel OS and a distributed wireless network protocol. He was involved in the design and debugging of several professional audio and Firewire devices and cut his teeth by developing the core architecture, firmware and hardware for a seismic data collection system used in mines around the world. He likes getting his hands dirty, and is addicted to small companies and startups.

16 Jan (Tuesday) at 1630 hrs

Gates 4B (opposite 490)