Achieving Trusted Systems by Providing Security and Reliability - PowerPoint PPT Presentation

1 / 1
About This Presentation
Title:

Achieving Trusted Systems by Providing Security and Reliability

Description:

... Errors (DSN'01, DSN'02) Modeling and Analyzing Software Security Vulnerabilities (DSN'03) ... DSN'03. Memory layout randomization-based defensive technique ... – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 2
Provided by: shuo
Category:

less

Transcript and Presenter's Notes

Title: Achieving Trusted Systems by Providing Security and Reliability


1
Achieving Trusted Systems by Providing Security
and Reliability
Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu,
Shuo Chen, Nithin Nakka and Karthik Pattabiraman
Objective and Approach
Accomplishments
Threat of Hardware Memory Errors (DSN01, DSN02)
  • Study impact of hardware errors on system
    security
  • IEEE Dependable Systems and Networks (DSN01 and
    DSN02)
  • State machine modeling of realistic security
    vulnerabilities
  • DSN03
  • Memory layout randomization-based defensive
    technique
  • IEEE Reliable Distributed Systems (SRDS03)
  • Architecture level support for reliability and
    security
  • EASY02, DSN04 and DSN05
  • Formal reasoning on security vulnerabilities
  • IFIP Information Security (SEC04)
  • Non-control-data attack a new security threat
  • USENIX Security (Security05)
  • Objective
  • design and validate secure and reliable computing
    systems to support critical infrastructures.
  • Approach
  • analyze raw data on security vulnerabilities and
    attacks
  • generate stochastic and state machine models
    depicting security threats
  • apply formal reasoning to uncover security
    vulnerabilities due to inconsistencies between
    system specifications and implementations
  • implement defensive techniques at compiler,
    operating system and hardware levels

Due to hardware memory errors, users can log in
with arbitrary passwords
?
Attacker
Network server (FTP and SSH)
Due to hardware memory errors, packets can
penetrate firewalls
Attacker
Target host
Firewall (IPChains and Netfilter)
  • Emulate random hardware memory errors
  • Stochastic model quantitatively assess the
    threat in real environments

Identifying New Security Threats(USENIX
Security05)
Memory Layout Randomization-based Defense
Technique (SRDS03)
Modeling and Analyzing Software Security
Vulnerabilities (DSN03)
  • Observation
  • Success of memory corruption attacks require
    attackers knowledge about the memory layout of
    the victim process
  • Technique
  • Modify the loader so that every time when an
    application process starts, its memory layout is
    randomized.
  • Attack attempts crash the process rather than
    take control over the application.
  • Randomized memory regions
  • Stack
  • Heap
  • Shared Libraries
  • Global offset table

WU-FTP Server Format String Attack
NULL-HTTP Server Heap Corruption Attack
  • Most current attacks are control-data attacks
  • Corrupting function pointers or return addresses
    to run malicious code.
  • Many defensive techniques are proposed to defeat
    control-data attacks, e.g., syscall-based IDS,
    non-executable memory and control data
    protection.
  • New threat non-control-data attacks
  • User identity data, configuration data, user
    input data and decision-making Booleans
  • Non-control-data attacks can obtain the root
    privilege by exploiting vulnerabilities of FTP,
    SSH, HTTP and Telnet servers
  • More comprehensive defensive techniques are
    needed.
  • State machine based modeling of buffer overflow,
    format string, heap corruption, and integer
    overflow

Formal Analysis on Security Vulnerabilities
(SEC04)
Architectural Supports for Security and
Reliability
Future Directions
(EASY02, DSN04, DSN05)
  • The root cause of many vulnerabilities ( gt 66 of
    CERT advisories) pointer taintedness
  • Pointer taintedness a pointer value is derived
    directly or indirectly from user input
  • Formally defined semantics of pointer taintedness
    enables extracting security preconditions in
    application source code
  • Implement a compiler and a theorem prover to
    analyze C-code to extract conditions of pointer
    taitnedness.
  • Usefulness of extracted security preconditions
  • Vulnerability avoidance removal of
    vulnerabilities from the source code
  • Generation of assertions for runtime
    vulnerability masking
  • Hardware-level checking enhancing processors to
    detect pointer taintedness.
  • Combination of static code analysis and
    architecture support
  • To automatically derive predicates to be checked
    by processor at runtime
  • Reliability and security support for embedded
    systems
  • Migrate our current techniques to embedded
    systems
  • New topics cell phone viruses, reduced power
    consumption, tamper-resistance hardware, crypto
    and authentication hardware/software
  • Reliability and Security Engine (RSE)
  • A reconfigurable processor framework to embed
    reliability and security checking modules.
  • Modules perform low-latency detections.
  • Reliability
  • data range check, instruction sequence check,
    hang/crash detection and hardware checkpointing
  • Security
  • secure return address stack, memory layout
    randomization and pointer taintedness detection
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Achieving Trusted Systems by Providing Security and Reliability" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!