1 “Operating System Protection Through Program Evolution” Dr. Frederick B. Cohen “…one of the major reasons attacks succeed is because of the static nature.

Slides:

Advertisements

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

Advertisements

Overcoming an UNTRUSTED COMPUTING BASE: Detecting and Removing Malicious Hardware Automatically Matthew Hicks Murph Finnicum Samuel T. King University.

Analysis of Algorithms

Chapter 2: Using Objects Part 1. To learn about variables To understand the concepts of classes and objects To be able to call methods To learn about.

CS0007: Introduction to Computer Programming Console Output, Variables, Literals, and Introduction to Type.

SYSTEM PROGRAMMING & SYSTEM ADMINISTRATION

Abhinn Kothari, 2009CS10172 Parth Jaiswal 2009CS10205 Group: 3 Supervisor : Huzur Saran.

Team Name: team13 Programmer: 陳則凱 b Tester: 劉典恆 b

SMU SRG reading by Tey Chee Meng: Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications by David Brumley, Pongsin Poosankam,

Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.

By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly.

Chapter 8 Runtime Support. How program structures are implemented in a computer memory? The evolution of programming language design has led to the creation.

CS 106 Introduction to Computer Science I 11 / 09 / 2007 Instructor: Michael Eckmann.

Name: Hao Yuan Supervisor: Len Hamey ITEC810 ProjectTransformations for Obfuscating Object-Oriented Programs1.

1 Homework Turn in HW2 at start of next class. Starting Chapter 2 K&R. Read ahead. HW3 is on line. –Due: class 9, but a lot to do! –You may want to get.

Telescoping Languages: A Compiler Strategy for Implementation of High-Level Domain-Specific Programming Systems Ken Kennedy Rice University.

1 Module 12 Computation and Configurations –Formal Definition –Important Terms –Examples.

Module 12 Computation and Configurations Formal Definition Examples.

CS 106 Introduction to Computer Science I 03 / 28 / 2008 Instructor: Michael Eckmann.

CS 106 Introduction to Computer Science I 03 / 30 / 2007 Instructor: Michael Eckmann.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.

1 Random numbers Random  completely unpredictable. No way to determine in advance what value will be chosen from a set of equally probable elements. Impossible.

Computer Science: A Structured Programming Approach Using C1 Objectives ❏ To understand the structure of a C-language program. ❏ To write your first C.

1. 2 Chapter 1 Introduction to Computers, Programs, and Java.

Basic Elements of C++ Chapter 2.

Testing Processes of Web Applications Susan Cohen.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

High level & Low level language High level programming languages are more structured, are closer to spoken language and are more intuitive than low level.

General Computer Science for Engineers CISC 106 Lecture 02 Dr. John Cavazos Computer and Information Sciences 09/03/2010.

AMNESIA: Analysis and Monitoring for NEutralizing SQL- Injection Attacks Published by Wiliam Halfond and Alessandro Orso Presented by El Shibani Omar CS691.

Computer Security and Penetration Testing

Team Name: team13 Programmer: 陳則凱 b Tester: 劉典恆 b

LANGUAGE TRANSLATORS: WEEK 24 TRANSLATION TO ‘INTERMEDIATE’ CODE (overview) Labs this week: Tutorial Exercises on Code Generation.

The string data type String. String (in general) A string is a sequence of characters enclosed between the double quotes "..." Example: Each character.

Program A computer program (also software, or just a program) is a sequence of instructions written in a sequence to perform a specified task with a computer.

Hardware Assisted Control Flow Obfuscation for Embedded Processors Xiaoton Zhuang, Tao Zhang, Hsien-Hsin S. Lee, Santosh Pande HIDE: An Infrastructure.

Programming Principles Chapter 1. Objectives Discuss the program design process. Introduce the Game of Life. Discuss object oriented design. – Information.

1 Experience With Software Watermarking Author: Jens Palsberg et al. Presenter: Charles He “Embedding Watermarking in dynamic data structures … can be.

Looping and Counting Lecture 3 Hartmut Kaiser

Strings in MIPS. Chapter 2 — Instructions: Language of the Computer — 2 Character Data Byte-encoded character sets – ASCII: 128 characters 95 graphic,

G ENESIS : A Framework For Achieving Component Diversity John C. Knight, Jack W. Davidson, David Evans, Anh Nguyen-Tuong University of Virginia Chenxi.

Evolutionary Security CS 610: Advanced Security Gabriel Daleson.

Password Security Review Your password is the last line of defense. Keep your data safe with good password practices. Mikio Olin Kevin Matteson.

Structured Programming (4 Credits) HNDIT Week 2 – Learning Outcomes Design an algorithmic solution for simple problem such as computation of a factorial,

Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code Jeff Seibert, Hamed Okhravi, and Eric Söderström Presented.

Introduction Program File Authorization Security Theorem Active Code Authorization Authorization Logic Implementation considerations Conclusion.

Operating System Protection Through Program Evolution Fred Cohen Computers and Security 1992.

By Mr. Muhammad Pervez Akhtar

How to execute Program structure Variables name, keywords, binding, scope, lifetime Data types – type system – primitives, strings, arrays, hashes – pointers/references.

Exploiting Instruction Streams To Prevent Intrusion Milena Milenkovic.

Network Security. Three tools Hash Function Block Cipher Public Key / Private Key.

Cryptography Cryptography is the use of mathematics to encode messages and prevent them from being read by anyone who doesn’t know the code. One way that.

Dynamic White-Box Testing What is code coverage? What are the different types of code coverage? How to derive test cases from control flows?

Information and Computer Security CPIS 312 Lab 1

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

Genetic Algorithms and Evolutionary Programming A Brief Overview.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Programming what is C++

C++ Programming: Presentation 1

Variables Mr. Crone.

Operating System Protection Through Program Evolution

Cryptographic Hash Function

Network Security.

Context-based Data Compression

Simple Encryption- Lesson 5

What Is Wrong With This Simple Code?

Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS

Function Notation.

Presentation transcript:

1 “Operating System Protection Through Program Evolution” Dr. Frederick B. Cohen “…one of the major reasons attacks succeed is because of the static nature of defense, and the dynamic nature of attack.”

2 Outline Attacks and Defense –a brief look at the types of attack evolution can help prevent Program Evolution –what is it? –why do we want it? –a problem to consider. Program Encoding –an overview of an evolution technique.

3 Attack & Defense The Ultimate Attack –Physical access to system –Knowledge of system Exploitation of known weaknesses The Ultimate Defense –Increase complexity of attack to make cost of attack to high “…security through obscurity...”

4 What is Program Evolution? Automated creation of equivalent programs –“..consider two programs equivalent if, given identical input sequences, they produce identical output sequences.” –An evolved program may run faster/slower, or take more/less space than the original. –An evolved program may or may not increase the complexity of attack. Techniques for Evolution –Instruction/Sequence Equivalence, Instruction Reordering –Variable Substitution, Adding/Removing of Jumps/Calls –Garbage Insertion, Program Encoding, Simulation….

5 Purpose of Evolution Diversity –an attacker who defeats one evolution of a program may not be able to apply the same attack to another evolution of the same program. Obscurity –evolution obscures the underlying program, making analysis potentially more difficult.

6 What Does This Program Do? int x = 0, y = 5, z = 0; for(int p = 0; p < 10; p++) { z = foo(p, y); y = y + 1 x = z; print x; } int foo(int x, int y) { float t = x/2, u = (y*2)/4; if(u > t) t = 4 * t + 2 * y; else t = 2 * t + 1; return t; } int x = 0; for(int i = 0; i < 10; i++) { x = i + 1; print x; } it prints the sequence 1,2,

7 Program Encoding Choose symbols to replace program symbols, interpret new symbols at runtime to generate original program. –encryption and compression are forms of encoding. –can have significant performance impact.  What does this say ? “svool ”  Answer : “hello ” ·a simple encoding - the i th letter of the alphabet is mapped to the (27 - i) th letter, a similar scheme for digits...

8 Conclusion This article gives a lot of information on evolution techniques and ways of overcoming the inherent difficulties of evolutionary defenses. I would recommend it to anyone interested in methods of obscuring program code / executables.