#BHAS BlackHatEvents

JDD: In-depth Mining of Java Deserialization Gadget Chain via Bottom-up Gadget Search and Dataflow-aided Payload Construction

Speakers: Bofei Chen, Yinzhi Cao
Other contributors: Lei Zhang, Xinyou Huang, Yuan Zhang, Min Yang

Who Are We

Bofei Chen (Speaker): PhD student at Fudan University Secsys Lab. Focus on program analysis, vulnerability detection and exploitation.

Yinzhi Cao (Speaker): Associate Professor at Johns Hopkins University; Technical Director at the JHU Information Security Institute. Focus on security and privacy of the Web, smartphones, and machine learning using program analysis techniques.

Lei Zhang: Assistant Professor at Fudan University Secsys Lab. Focus on vulnerability detection, exploitation, and automatic fixes, etc.

Xinyou Huang: Master student at Fudan University Secsys Lab. Focus on dynamic and static program analysis, vulnerability exploitation.

Yuan Zhang: Professor at Fudan University Secsys Lab (co-director). Focus on vulnerability research (e.g., Web, agents, kernel and firmware).

Min Yang: Professor at Fudan University Secsys Lab (leader). Focus on vulnerability discovery, mitigation, and privacy protection, etc.

Agenda

- Introduction
- Technique Challenges
- JDD: Approach and Implementation
- Evaluation and New Findings
- Conclusion & Takeaways

Introduction

- What is a Java deserialization vulnerability?
- Why is Java deserialization vulnerability worth researching?
- How to detect and exploit a Java deserialization vulnerability?
- Mitigation and discussion.

Java Serialization and Deserialization

Serialization and deserialization are inverse processes of each other. An object's fields are preserved along with their assigned values.

[Figure: Java object <-> stream of bytes, showing field a ... (diagram truncated in the extracted slide)]
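The round trip the slide describes, as an added example (not code from the talk or from the JDD project): a small Serializable class is written to a byte stream with ObjectOutputStream and reconstructed with ObjectInputStream, and the field values survive the trip. The class name Point and the deserialize/serialize helpers are assumptions for this example. Because the stream, not the receiving code, decides which classes get instantiated, the reader side also installs a JDK ObjectInputFilter allow-list (the standard JDK mitigation, added here, not taken from the deck) so that only the expected class is reconstructed and anything else in the stream is rejected before its readObject logic runs.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

public class SerializationRoundTrip {

    // Constructed sample class for this example: a plain data holder with two fields.
    static final class Point implements Serializable {
        private static final long serialVersionUID = 1L;
        final int x;
        final int y;
        Point(int x, int y) { this.x = x; this.y = y; }
    }

    // Serialization: object -> stream of bytes. Field names and values are written out.
    static byte[] serialize(Object obj) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(obj);
        }
        return bos.toByteArray();
    }

    // Deserialization: stream of bytes -> object, restoring the fields to their saved values.
    // The ObjectInputFilter (JDK 9+) allows only Point and rejects every other class ("!*"),
    // so a stream naming an unexpected class fails before that class is instantiated.
    static Object deserialize(byte[] data) throws IOException, ClassNotFoundException {
        ObjectInputFilter allowOnlyPoint =
            ObjectInputFilter.Config.createFilter(Point.class.getName() + ";!*");
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            ois.setObjectInputFilter(allowOnlyPoint);
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        Point original = new Point(3, 4);
        byte[] bytes = serialize(original);
        System.out.println("serialized Point to " + bytes.length + " bytes");

        // Inverse process: the reconstructed object carries the same field values.
        Point copy = (Point) deserialize(bytes);
        System.out.println("round trip: x=" + copy.x + " y=" + copy.y);

        // A stream carrying a class outside the allow-list is rejected by the filter.
        byte[] other = serialize(new java.util.ArrayList<String>());
        try {
            deserialize(other);
            System.out.println("unexpected: filter did not reject");
        } catch (InvalidClassException e) {
            System.out.println("rejected by filter: " + e.getMessage());
        }
    }
}
```

Compile and run with `javac SerializationRoundTrip.java && java SerializationRoundTrip`. The filter string uses the exact-class-name form of the ObjectInputFilter pattern syntax; the trailing `!*` is what turns it into an allow-list rather than a deny-list, which is the shape a defender wants when the set of legitimately deserialized classes is known.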