[show abstract][hide abstract] ABSTRACT: Introspection has featured prominently in many recent security solutions, such as virtual machine-based intrusion detection, forensic memory analysis, and low-artifact malware analysis. Widespread adoption of these approaches, however, has been hampered by the semantic gap: in order to extract meaningful information about the current state of a virtual machine, detailed knowledge of the guest operating system's inner workings is required. In this paper, we present a novel approach for automatically creating introspection tools for security applications with minimal human effort. By analyzing dynamic traces of small, in-guest programs that compute the desired introspection information, we can produce new programs that retrieve the same information from outside the guest virtual machine. We demonstrate the efficacy of our techniques by automatically generating 17 programs that retrieve security information across 3 different operating systems, and show that their functionality is unaffected by the compromise of the guest system. Our technique allows introspection tools to be effortlessly generated for multiple platforms, and enables the development of rich introspection-based security applications.
Security and Privacy (SP), 2011 IEEE Symposium on; 06/2011
[show abstract][hide abstract] ABSTRACT: Software is no longer creeping into every aspect of our lives - it's already there. In fact, failing to recognize just how much everything we do depends on software functioning correctly makes modern society vulnerable to software errors.
IEEE Security and Privacy Magazine 05/2009; · 0.96 Impact Factor
[show abstract][hide abstract] ABSTRACT: Process control systems (PCSs) are instrumental to the safe, reliable and efficient operation of many critical infrastructure components. However, PCSs increasingly employ commodity information technology (IT) elements and are being connected to the Internet. As a result, they have inherited IT cyber risks, threats and attacks that could affect the safe and reliable operation of infrastructure components, adversely affecting human safety and the economy. This paper focuses on the problem of securing current and future PCSs, and describes tools that automate the task. For current systems, we advocate specifying a policy that restricts control network access and verifying its implementation. We further advocate monitoring the control network to ensure policy implementation and verify that network use matches the design specifications. For future process control networks, we advocate hosting critical PCS software on platforms that tolerate malicious activity and protect PCS processes, and testing software with specialized tools to ensure that certain classes of vulnerabilities are absent prior to shipping. Full Text at Springer, may require registration or fee
Critical Infrastructure Protection, Post-Proceedings of the First Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection, Dartmouth College, Hanover, New Hampshire, USA, March 19-21, 2007; 01/2007
[show abstract][hide abstract] ABSTRACT: Achieving content high-availability is one of the most important goals of a webserver system. In order to achieve high-availability in the traditional client-server setting, the server must have the bandwidth and the hardware needed to handle any peak load that might occur. However, this is a very costly and rarely practical solution, especially for most non-commercial servers subjected to the Slashdotting effect. We propose a WebTorrent system based on BitTorrent that will leverage the resources of the clients to help the server make the content more available. Such a system will help alleviate the load on the server and reduce client download times.
[show abstract][hide abstract] ABSTRACT: The capabilities of seven dynamic buer overflow detec- tion tools (Chaperon, Valgrind, CCured, CRED, Insure++, ProPolice and TinyCC) are evaluated in this paper. These tools employ dierent approaches to runtime buer over- flow detection and range from commercial products to open- source gcc-enhancements. A comprehensive testsuite was developed consisting of specifically-designed test cases and model programs containing real-world vulnerabilities. In- sure++, CCured and CRED provide the highest buer over- flow detection rates, but only CRED provides an open-source, extensible and scalable solution to detecting buer over- flows. Other tools did not detect o-by-one errors, did not scale to large programs, or performed poorly on complex programs.
[show abstract][hide abstract] ABSTRACT: Abstract Computer attacks can cripple major software systems and cost billions of dollars in dam- age by exploiting vulnerabilities in software. One type of vulnerability, the buer overflow, is common,in low-level languages like C that do not have built-in bounds-checking. Modified compilers are available to add bounds-checking to C applications, but a major part of the problem remains: how can a program survive the bug or attack and continue providing its service? Failure-oblivious computing helps an attacked program continue execution by cre- ating an illusion of correct memory,accesses. While failure-oblivious computing techniques can prevent exploits, the nature of the techniques can still cause programs to terminate pre- maturely or to produce incorrect results. We attempt to create new and improved heuristics that enhance programs’ ability to continue executing through buer,overflow vulnerabili- ties and other memory,errors while attempting to sacrifice as little correctness of results as possible.
[show abstract][hide abstract] ABSTRACT: Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005. This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. Includes bibliographical references (p. 143-146). The research presented in this thesis aims to improve existing approaches to dynamic buffer overflow detection by developing a system that utilizes code instrumentation and adaptive test case synthesis to find buffer overflows and corresponding failure-inducing inputs automatically. An evaluation of seven modern dynamic buffer overflow detection tools determined that C Range Error Detector (CRED) is capable of providing fine-grained buffer access information necessary for the creation of this system. CRED was also selected because of its ability to provide comprehensive error reports and compile complex programs with reasonable performance overhead. CRED was extended to provide appropriate code instrumentation for the adaptive testing system, which also includes a test case synthesizer that uses data perturbation techniques on legal inputs to produce new test cases, and an analytical module that evaluates the effectiveness of these test cases. Using information provided by code instrumentation in further test case generation creates a feedback loop that enables a focused exploration of the input space and faster buffer overflow detection. Applying the adaptive testing system to jabberd, a Jabber Instant Messaging server, demonstrates its effectiveness in finding buffer overflows and its advantages over existing dynamic testing systems. (cont.) Adaptive test case synthesis using CRED to provide buffer access information for feedback discovered 6 buffer overflows in jabberd using only 53 messages, while dynamic testing using random messages generated from a protocol description found only 4 overflows after sending 10,000 messages. by Michael A. Zhivich. M.Eng.