CS457 – Introduction to Information Systems Security Projects Elias Athanasopoulos


Project 1
On the Security of RC4 in TLS
Usenix Security
Nadhem AlFardan, Royal Holloway, University of London; Daniel J. Bernstein, University of Illinois at Chicago and Technische Universiteit Eindhoven; Kenneth G. Paterson, Bertram Poettering, and Jacob C.N. Schuldt, Royal Holloway, University of London

Project 2
When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC
ACM CCS 2008
E. Buchanan, R. Roemer, H. Shacham, and S. Savage
Suggested reading: The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86), ACM CCS 2007, H. Shacham

Project 3
Smashing the Gadgets: Hindering Return-Oriented Programming Using In-Place Code Randomization
Security and Privacy 2012
Vasilis Pappas, Michalis Polychronakis, and Angelos D. Keromytis
Binary stirring: self-randomizing instruction addresses of legacy x86 binary code
ACM CCS 2012
Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, Zhiqiang Lin

Project 4
Practical Control Flow Integrity & Randomization for Binary Executables
Security and Privacy 2013
Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Stephen McCamant, László Szekeres, Dawn Song, and Wei Zou
Suggested reading: Control-Flow Integrity: Principles, Implementations, and Applications, ACM CCS 2005, Abadi et al.

Project 5
Out Of Control: Overcoming Control-Flow Integrity
Security and Privacy 2014
Enes Göktaş, Elias Athanasopoulos, Herbert Bos, and Georgios Portokalidis
Suggested reading: Practical Control Flow Integrity & Randomization for Binary Executables, Security and Privacy 2013, Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Stephen McCamant, László Szekeres, Dawn Song, and Wei Zou

Project 6
Size Does Matter - Why Using Gadget-Chain Length to Prevent Code-reuse Attacks is Hard
Usenix Security 2014
Enes Göktaş, Elias Athanasopoulos, Michalis Polychronakis, Herbert Bos, and Georgios Portokalidis
Suggested reading: Transparent ROP Exploit Mitigation using Indirect Branch Tracing, Usenix Security 2013, Vasilis Pappas, Michalis Polychronakis, and Angelos D. Keromytis

Project 7
Cling: A Memory Allocator to Mitigate Dangling Pointers
Usenix Security 2010
Periklis Akritidis

Project 8
Improving Integer Security for Systems with KINT
OSDI 2012
Xi Wang and Haogang Chen, MIT CSAIL; Zhihao Jia, Tsinghua University IIIS; Nickolai Zeldovich and M. Frans Kaashoek, MIT CSAIL

Project 9
Document Structure Integrity: A Robust Basis for Cross-site Scripting Defense
NDSS 2009
Yacin Nadji, Prateek Saxena, Dawn Song
Robust Defenses for Cross-Site Request Forgery
ACM CCS 2008
Adam Barth, Collin Jackson, and John C. Mitchell