Dynamic Self-checking Techniques for Improved Tamper Resistance Bill Horne Lesley Matheson Casey Sheehan Robert E.Tarjan Presented by YAN MIN (Jasmine)

Slides:

Advertisements

Similar presentations

A proposed Trusted-Flow system architecture with aspect-oriented implementation Paolo Falcarin, Mario Baldi Riccardo Scandariato, Maurizio Morisio (Politecnico.

Advertisements

School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) SSA Guo, Yao.

Course Outline Traditional Static Program Analysis –Theory Compiler Optimizations; Control Flow Graphs Data-flow Analysis – today’s class –Classic analyses.

Stanford University CS243 Winter 2006 Wei Li 1 Register Allocation.

2014 Network and Distributed System Security Symposium AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijecking.

Control Flow Analysis (Chapter 7) Mooly Sagiv (with Contributions by Hanne Riis Nielson)

Chair of Software Engineering From Program slicing to Abstract Interpretation Dr. Manuel Oriol.

Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies.

Programming Languages Marjan Sirjani 2 2. Language Design Issues Design to Run efficiently : early languages Easy to write correctly : new languages.

Software Construction

Optimizing Compilers for Modern Architectures Preliminary Transformations Chapter 4 of Allen and Kennedy.

Preliminary Transformations Chapter 4 of Allen and Kennedy Harel Paz.

Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Software Testing and Quality Assurance

Chapter 3.2 : Virtual Memory

CSE 300: Software Reliability Engineering Topics covered: Software metrics and software reliability Software complexity and software quality.

Dynamic Reconfiguration of Component-based Real-time Software Words February 2005 Sedona, Arizona, USA Andreas Rasche, Andreas Polze and Martin.

Simulation Waiting Line. 2 Introduction Definition (informal) A model is a simplified description of an entity (an object, a system of objects) such that.

1 ES 314 Advanced Programming Lec 2 Sept 3 Goals: Complete the discussion of problem Review of C++ Object-oriented design Arrays and pointers.

Software Uniqueness: How and Why? Puneet Mishra Dr. Mark Stamp Department of Computer Science San José State University, San José, California.

1 Software Testing and Quality Assurance Lecture 1 Software Verification & Validation.

To GPU Synchronize or Not GPU Synchronize? Wu-chun Feng and Shucai Xiao Department of Computer Science, Department of Electrical and Computer Engineering,

Factor Graphs Young Ki Baik Computer Vision Lab. Seoul National University.

1 Software Construction Software Construction Chapter 1.

Detecting Software Theft via System Call Based Birthmarks Xinran Wang, Yoon-Chan Jhi, Sencun Zhu, Peng Liu ACSAC 2009.

Best Practices By Gabriel Rodriguez

Introduction Overview Static analysis Memory analysis Kernel integrity checking Implementation and evaluation Limitations and future work Conclusions.

A Model for Self-Modifying Code Bertrand Anckaert, Matias Madou and Koen De Bosschere 8 th Information Hiding Conference, July 11 th 2006.

Foundations of Software Testing Chapter 5: Test Selection, Minimization, and Prioritization for Regression Testing Last update: September 3, 2007 These.

Composing Adaptive Software Authors Philip K. McKinley, Seyed Masoud Sadjadi, Eric P. Kasten, Betty H.C. Cheng Presented by Ana Rodriguez June 21, 2006.

1 Chapter 3.2 : Virtual Memory What is virtual memory? What is virtual memory? Virtual memory management schemes Virtual memory management schemes Paging.

1 Experience With Software Watermarking Author: Jens Palsberg et al. Presenter: Charles He “Embedding Watermarking in dynamic data structures … can be.

Protecting Software Code By Guards The George Washington University Cs297 YU-HAO HU.

RootKit By Parrag Mehta OUTLINE What is a RootKit ? Installation Types How do RootKits work ? Detection Removal Prevention Conclusion References.

BIOMETRICS THE MAN MACHINE INTERFACE

Improving Xen Security through Disaggregation Derek MurrayGrzegorz MilosSteven Hand.

System Test Planning SYSTTPLAN 1 Location of Test Planning Responsibilities for Test Planning Results of Test Planning Structure of a Test Plan Test Definitions.

Software Tamper Resistance: Obstructing Static Analysis of Programs Chenxi Wang, Jonathan Hill, John Knight, Jack Davidson at university of Virginia This.

Introduction Program File Authorization Security Theorem Active Code Authorization Authorization Logic Implementation considerations Conclusion.

CS412/413 Introduction to Compilers Radu Rugina Lecture 18: Control Flow Graphs 29 Feb 02.

1 Control Flow Graphs. 2 Optimizations Code transformations to improve program –Mainly: improve execution time –Also: reduce program size Can be done.

System To Generate Test Data: The Analysis Program Syed Nabeel.

Tamper Resistant Software: An Implementation By David Aucsmith, IAL In Information Hiding Workshop, RJ Anderson (ed), LNCS, 1174, pp , “Integrity.

Mutation Testing Breaking the application to test it.

Secure Execution of Computations in Untrusted Hosts S. H. K. Narayanan 1, M.T. Kandemir 1, R.R. Brooks 2 and I. Kolcu 3 1 Embedded Mobile Computing Center.

Ari Juels, Burton S. Kaliski Jr 14th ACM conference on Computer and communications security,2007 Cited:793 Presenter: 張哲豪 Date:2014/11/24.

Experience with Software Watermarking Jens Palsberg, Sowmya Krishnaswamy, Minseok Kwon, Di Ma, Qiuyun Shao, Yi Zhang CERIAS and Department of Computer.

Foundations of Software Testing Chapter 5: Test Selection, Minimization, and Prioritization for Regression Testing Last update: September 3, 2007 These.

Memory Protection through Dynamic Access Control Kun Zhang, Tao Zhang and Santosh Pande College of Computing Georgia Institute of Technology.

Introduction to Java Chapter 1 - Introduction to Java1 Chapter 1 Introduction to Java.

Single Static Assignment Intermediate Representation (or SSA IR) Many examples and pictures taken from Wikipedia.

Compilers and Security

Reducing Structural Bias in Technology Mapping

A Review of Software Testing - P. David Coward

Software Engineering (CSI 321)

CS 450/650 Fundamentals of Integrated Computer Security

CompSci 725 Presentation by Siu Cho Jun, William.

Aditya P. Mathur Purdue University

Preliminary Transformations

Estimating Timing Profiles for Simulation of Embedded Systems

Better security for maintainers

Differential Equations

Optimizing Compilers CISC 673 Spring 2011 Static Single Assignment II

Test Process “V” Diagram

A Self-Reference Watermarking Scheme Based on Wet Paper Coding

A Self-Reference Watermarking Scheme Based on Wet Paper Coding

A Robust Digital Watermarking Of Satellite Image at Third Level DWT Decomposition Source：International Conference on Computational Intelligence and Multimedia.

Authors: J.J. Murillo-Fuentes

Software Testing and QA Theory and Practice (Chapter 5: Data Flow Testing) © Naik & Tripathy 1 Software Testing and Quality Assurance Theory and Practice.

Presentation transcript:

Dynamic Self-checking Techniques for Improved Tamper Resistance Bill Horne Lesley Matheson Casey Sheehan Robert E.Tarjan Presented by YAN MIN (Jasmine)

Outline  Introduction  Algorithm design  Detail  Conclusion and future work

Introduction What is self-checking? :Static self-checking :Dynamic self-checking

Introduction (Continued) Protecting client-side software running in an untrusted host. It is designed to be used in conjunction with other tamper- resistance techniques, integrated with copy-specific static software watermarking.

Algorithm Design  Components :testers correctors  Process 1.Source-code processing -- testers 2.Object-code processing -- --shuffle blocks --insert correctors --associate corrector and tester interval 3.Installation-time processing -- compute watermark values -- compute corrector values -- form patches -- prepare fully functional executable

Detail  Tester Design 1. Linear Hash Functions invertibility h 0( d )=0 ( d : an interval of data) h i ( d )= c *( d i+ h i-1( d )) (0<i ≤n), (c≠0) h (i-1)( d )= h i ( d ) / c – d i  h i( d ), h n( d ) summarizability : recurrence h h o (x, d )=x, h i (x, d )= c *( d i+ h i-1(x, d ))

Detail (continued) d : a constant vector, x : variable h n (x, d )= a n ( d ) x + b n ( d ) a 0 ( d )=1, b 0 ( d )=0 a i ( d ) = c*a i-1( d ), b i( d )= c *( d i + b i-1( d )) (0< i <=n)  a n, b n, h n 2. Construction and Customization 3. Tester Placement

Detail (continued)  Interval Construction 1. Corrector Placement executable – based insertion methods 1. k = number (usable basic blocks ) / number (correctors) 2. remove ‘ un-net ’ correctors 3. insert correctors as dead code 4. when : basic block shuffling completed 5. where : after each k basic blocks

Detail (Continued) 2.Interval Definition s i : c i-1 and c i e n-i+2: c n+k-i and c n+k-i+1 (1<i≤ k) two points:. c i-1~ c i (k<i ≤ n) c k+i –- I i k-1 correctors : discard

Detail (continued) 3. Assignment of Testers to Intervals --objectives: coverage, security three observations: 1. every byte is tested by k testers. 2,3 the tester graph

Conclusion and Future Work  Protecting client-side software running in an untrusted host Future Work: Building a stealthier response mechanism Modifying and simplifying the corrector insertion step …… Questions:How does it work if it does not use watermark values (no correctors)?