Practical Challenges of Type Checking in Control Flow Integrity

•

0 recomendaciones•58 vistas

Sajjad "JJ" Arshad

IEEE Secure Development Conference (SecDev) Poster Session Boston, MA, USA, September 2017

Ciencias

Practical Challenges of Type Checking in Control Flow Integrity
Reza Mirzazade Farkhani; Sajjad Arshad; Saman Jafari
Northeastern University
Reza Mirzazade Farkhani
Northeastern University
Email: reza@iseclab.org
Contac
t
1. Shacham, Hovav, et al. ”On the effectiveness of address-space randomization.” Proceedings of the 11th
ACM conference on Computer and communications security. ACM, 2004.
2. Abadi, Martn, et al. “Control-flow integrity.” Proceedings of the 12th
ACM conference on Computer and
communications security. ACM, 2005.
Reference
s
Type checking
• In this research, we have studied the implications of creating a
restrictive CFI with type matching and propose some solutions to
improve the accuracy of the CFG.
• Combining the result of points-to analysis and type checking can result
in a more precise CFG.
• By pruning the CFG with type matching, a more precise CFG would be
available. This purging decreases the chance of a practical attack on CFI,
but it faces numerous practical deployment challenges.
Conclusions
App Version FP Function Collision
FP ICS Function
nginx 1.10.1 84 1299 48 34 121
httpd 2.4.25 248 2800 64 101 483
lighttpd 1.4.45 27 899 10 47 40
exim 4.90 43 968 17 179 319
Results
Chart 1. Type collision with
glibc
• Lack of memory management in unsafe programming languages
such as C/C++ has been introducing significant threats to the
applications.
• It has been shown that defenses such as ASLR and DEP can be
bypassed by motivated attackers[1].
• Control Flow Integrity (CFI) is introduced to enforce the
application’s control flow to adhere to the statically generated
Control Flow Graph (CFG).[2]
• The effectiveness of CFI depends on the ability to construct an
accurate CFG.
• Type checking only allows control transfers if the types of the
caller and the callee match [3][4].
Problem Statement
• Type checking, indeed, faces numerous practical
challenges for deployment in C and C++ such as type
collision, type diversification and covariant return type.
• There are some types such as void * that can be
matched with any other type.
• Resolving collisions requires global type diversification
which complicates dynamic loading of libraries and
separate compilation.
Table 1. Type collision in popular
applications
Figure 2. CFG of the program based on
type
Figure 1. Sample vulnerable source
code
3. van der Veen, Victor, et al. ”A tough call: Mitigating advanced code reuse attacks at the
binary level.” Security and Privacy (SP), 2016 IEEE Symposium on. IEEE, 2016.
4. Tice, Caroline, et al. ”Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM.”
USENIX Security Symposium. 2014.

Más contenido relacionado

Similar a Practical Challenges of Type Checking in Control Flow Integrity

Presentation on vulnerability analysis

Asif Anik

Layered approach using conditional random fields for intrusion detection (syn...

Mumbai Academisc

Implementing crosscutting concerns requires aspect oriented developers to be enabled to introduce some mem-bers to core concerns modules along with other. This may lead to a problem of interference among modules, either between classes and aspects or among aspects themselves. Such conflicts may cause program to crash at runtime. Interference problem is addressed but with complex solutions that become more complicated propor-tionally with the project size. In this work a relational database approach and relational algebra is used to detect intertype declaration interferences in aspect oriented design models in order to capture conflicts in an early stage before having it as runtime error. Detection is done in an approach not that complex as the previous ones.

Detecting Aspect Intertype Declaration Interference at Aspect Oriented Design...

IJERA Editor

4213ijsea04

ijseajournal

Computer programs often behave differently under different compilers or in different computing environments. Relative debugging is a collection of techniques by which these differences are analysed. Differences may arise because of different interpretations of errors in the code, because of bugs in the compilers or because of numerical drift, and all of these were observed in the present study. Numerical drift arises when small and acceptable differences in values computed by different systems are integrated, so that the results drift apart. This is well understood and need not degrade the validity of the program results. Coding errors and compiler bugs may degrade the results and should be removed. This paper describes a technique for the comparison of two program runs which removes numerical drift and therefore exposes coding and compiler errors. The procedure is highly automated and requires very little intervention by the user. The technique is applied to the Weather Research and Forecasting model, the most widely used weather and climate modelling code.

THE REMOVAL OF NUMERICAL DRIFT FROM SCIENTIFIC MODELS

IJSEA

A26001006

IJERA Editor

With the increase of global accessibility of web applications, maintaining a reasonable security level for both user data and server resources has become an extremely challenging issue. Therefore, static code analysis systems can help web developers to reduce time and cost. In this paper, a new static analysis model is proposed. This model is designed to discover the security problems in scripting languages. The proposed model is implemented in a prototype SCAT, which is a static code analysis tool. SCAT applies the phases of the proposed model to catch security vulnerabilities in PHP 5.3. Empirical results attest that the proposed prototype is feasible and is able to contribute to the security of real-world web applications. SCAT managed to detect 94% of security vulnerabilities found in the testing benchmarks; this clearly indicates that the proposed model is able to provide an effective solution to complicated web systems by offering benefits of securing private data for users and maintaining web application stability for web applications providers.

Automated server-side model for recognition of security vulnerabilities in sc...

IJECEIAES

Rational Unified Treatment for Web Application Vulnerability Assessment

VESIT/University of Mumbai

Resource Allocation for Antivirus Cloud Appliances

IOSR Journals

H017445260

IOSR Journals

A fast static analysis approach to detect exploit code inside network flows

UltraUploader

Formal method techniques provides a suitable platform for the software development in software systems. Formal methods and formal verification is necessary to prove the correctness and improve performance of software systems in various levels of design and implementation, too. Security Discussion is an important issue in computer systems. Since the antivirus applications have very important role in computer systems security, verifying these applications is very essential and necessary. In this paper, we present four new approaches for antivirus system behavior and a behavioral model of protection services in the antivirus system is proposed. We divided the behavioral model in to preventive behavior and control behavior and then we formal these behaviors. Finally by using some definitions we explain the way these behaviors are mapped on each other by using our new approaches.

A new approach for formal behavioral

ijfcstjournal

Deception towards Moving Target Defense

Basirudin Rachman Djamaluddin

Code clones have been studied for long, and there is strong evidence that they are a major source of software faults. The copying of code has been studied within software engineering mostly in the area of clone analysis. Software clones are regions of source code which are highly similar; these regions of similarity are called clones, clone classes, or clone pairs In this paper a hybrid approach using metric based technique with the combination of text based technique for detection and reporting of clones is proposed. The Proposed work is divided into two stages selection of potential clones and comparing of potential clones using textual comparison. The proposed technique detects exact clones on the basis of metric match and then by text match.

A Novel Approach for Code Clone Detection Using Hybrid Technique

INFOGAIN PUBLICATION

Dependency Injection & IoC

Dennis Loktionov

A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis

ijceronline

Vulnerability Analysis of 802.11 Authentications and Encryption Protocols: CV...

AM Publications

In this paper, a review for consistency of data replication protocols has been investigated. A brief deliberation about consistency models in data replication is shown. Also we debate on propagation techniques such as eager and lazy propagation. Differences of replication protocols from consistency view point are studied. Also the advantages and disadvantages of the replication protocols are shown. We advent into essential technical details and positive comparisons, in order to determine their respective contributions as well as restrictions are made. Finally, some literature research strategies in replication and consistency techniques are reviewed.

Consistency of data replication

ijitjournal

In this paper, a model of protection services in the antivirus system is proposed. The antivirus system behavior separate in to preventive and control behaviors. We extract the properties which are expected from the model of antivirus system approach from control behavior in the form of CTL and LTL temporal logic formulas. To implement the behavior models of antivirus system approach, the ArgoUML tool and the NuSMV model checker are employed. The results show that the antivirus system approach can detects fairness, reachability, deadlock free and verify some properties of the proposed model verified by using NuSMV model checker.

Verification of the protection services in antivirus systems by using nusmv m...

ijfcstjournal

An Overview of Cyber Attack and Computer Network Operations Simulation Sylvain P. Leblanc, Andrew Partington Computer Security Laboratory Royal Military College of Canada [email protected] Ian Chapman, Mélanie Bernier Centre for Operational Research and Analysis Defence Research and Development Canada [email protected] [email protected] Keywords: Overview, Survey Paper, Cyber Attacks, Cyber Warfare, Computer Network Operations Abstract This paper represents a snapshot of the current state of the art in the simulation and modeling of cyber attacks and defensive responses to those. It discusses a number of simulations of cyber warfare, including live, virtual, and constructive simulations. The simulations discussed in this paper were found in the open literature and were conducted in the private sector, academia, and government. Each simulation is briefly described, including goals, methodology, and a brief discussion of its accomplishments. These modeling and simulation efforts are of particular interest to the military modeling and simulation community, as it is likely that military forces will continue to rely ever more heavily on computer and communication networks. 1. INTRODUCTION The concepts and technical challenges behind the simulation of military conflicts in the traditional operational domains – land, maritime, and air – have been well understood for several decades, and thus numerous applications have been developed to support computer wargaming. These wargames are typically used to support training and experimentation, and are seen as a safe and cost-effective way to assess the effects of new technologies and equipment before deploying them to the real battlefield. Recent events, such as the 2007 cyber attack on Estonia, have shown the rising importance of computer network operations (CNO) 1 in an increasingly inter- networked world. Both civilian and military domains have become increasingly reliant on computer networks for communication, information management, utilities management, financial systems, air traffic control, and many other critical applications. In fact, the authors argue elsewhere at this conference that CNO education is vital for both technical and non-technical commanders, and propose using simulation to further these educational goals [1]. 1 Per US Doctrine, CNO is comprised of Computer Network Defense (CND), Computer Network Attack (CNA) and Computer Network Exploitation (CNE). Many sources use cyber warfare; we use both terms. Cyber attacks have the potential to be extremely disruptive to a wired society. To understand some of the ramifications of these events, including their potential impact on the use of networks, the research community has begun the development of a number of applications to simulate cyber warfare. The paper is separated .

An Overview of Cyber Attack and Computer Network Operations Si.docx

nettletondevon

Similar a Practical Challenges of Type Checking in Control Flow Integrity (20)

Presentation on vulnerability analysis

Layered approach using conditional random fields for intrusion detection (syn...

Detecting Aspect Intertype Declaration Interference at Aspect Oriented Design...

4213ijsea04

THE REMOVAL OF NUMERICAL DRIFT FROM SCIENTIFIC MODELS

A26001006

Automated server-side model for recognition of security vulnerabilities in sc...

Rational Unified Treatment for Web Application Vulnerability Assessment

Resource Allocation for Antivirus Cloud Appliances

H017445260

A fast static analysis approach to detect exploit code inside network flows

A new approach for formal behavioral

Deception towards Moving Target Defense

A Novel Approach for Code Clone Detection Using Hybrid Technique

Dependency Injection & IoC

A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis

Vulnerability Analysis of 802.11 Authentications and Encryption Protocols: CV...

Consistency of data replication

Verification of the protection services in antivirus systems by using nusmv m...

An Overview of Cyber Attack and Computer Network Operations Si.docx

Más de Sajjad "JJ" Arshad

Cached and Confused: Web Cache Deception in the Wild

Sajjad "JJ" Arshad

Cached and Confused: Web Cache Deception in the Wild

Sajjad "JJ" Arshad

Cached and Confused: Web Cache Deception in the Wild

Sajjad "JJ" Arshad

HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Gu...

Sajjad "JJ" Arshad

Large-Scale Analysis of Style Injection by Relative Path Overwrite

Sajjad "JJ" Arshad

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware

Sajjad "JJ" Arshad

Tracing Information Flows Between Ad Exchanges Using Retargeted Ads

Sajjad "JJ" Arshad

How Tracking Companies Circumvent Ad Blockers Using WebSockets

Sajjad "JJ" Arshad

Understanding and Mitigating the Security Risks of Content Inclusion in Web B...

Sajjad "JJ" Arshad

Identifying Extension-based Ad Injection via Fine-grained Web Content Provenance

Sajjad "JJ" Arshad

Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Librari...

Sajjad "JJ" Arshad

A Longitudinal Analysis of the ads.txt Standard

Sajjad "JJ" Arshad

How Tracking Companies Circumvented Ad Blockers Using WebSockets

Sajjad "JJ" Arshad

"Recommended For You": A First Look at Content Recommendation Networks

Sajjad "JJ" Arshad

Include Me Out: In-Browser Detection of Malicious Third-Party Content Inclusions

Sajjad "JJ" Arshad

On the Effectiveness of Type-based Control Flow Integrity

Sajjad "JJ" Arshad

Más de Sajjad "JJ" Arshad (16)