Self-Protecting Mobile Agents Tom Van Vleck Lee Badger Doug Kilpatrick Larry D’Anna Brian Matt Funded by both OASIS and Active Networks Programs NAI Labs.


Self-Protecting Mobile Agents
Tom Van Vleck, Lee Badger, Doug Kilpatrick, Larry D’Anna, Brian Matt
Funded by both OASIS and Active Networks Programs
NAI Labs, March 2002
Not for Public Release

Problem and Objective
Problem: Mobile programs are vulnerable to tampering by hosts on which they run.
Objective: Protect mobile agents from tampering while allowing:
- High mobility
- Detached operation
- Extended deployment periods
- Realistic infrastructure requirements
(Figure: a host operating system running an agent execution server with the agent's code and data, and an attack on it; a web server hit by Code Red is shown as the analogous case)

Technical Approach (in a nutshell)
- Distribution: replicate agents across multiple, unrelated hosts.
  – Present a moving target
- Monitoring/Recovery: regenerate corrupted “agentlets.”
- Code/data Obfuscation: prevent host-based analysis
  – Refresh obfuscation before analysis can be completed
(Figure: a traditional agent living on a single host, versus a self-protecting agent split into agentlets spread over Host 2, Host 3, ... Host N)

Time-limited Black Box
Hohl, Fritz, “An Approach to Solve the Problem of Malicious Hosts”
A host can deny execution, or lie, but it can’t disrupt the program’s internal consistency for n seconds.
(Figure: source code plus policy A goes through an obfuscation transform to produce obfuscated source code; the result runs for n seconds and then stops, while de-obfuscation takes m >> n seconds)

Goals of Obfuscator
- Prevent understanding of
  – Implementation structure
  – Data values
  – Algorithms
- For some amount of time (work)
- Not a toy

Obfuscator Non-Goals
- As strong as cryptography
- Smaller or faster than original
- Weak obscurity -> strong protection
Barak, Goldreich, et al., CRYPTO 2001: “Obfuscation is impossible.” … for their definition
Random slashdot poster sl956: “… We all know that anybody using the words 'tamper resistant' to describe a software-based solution is incompetent at best....”

What We’ve Done Lately
- Obfuscation Techniques Evaluation Report
- Jbet obfuscation tool
  – Obfuscation transforms: control, data
  – Packaging
- Modular architecture
- Automated test suite (197 tests, one with >300 cases)
- Nightly build

Jbet Obfuscation Tool - Context
(Figure: input classes go into JBET and come out as obfuscated classes; JBET is driven by plugin transforms and an obfuscation policy)

Obfuscation Pipeline
(Figure: classes -> Reader -> DAG -> xforms (variable obfuscations) -> DAG -> xforms (control flow obfuscations) -> DAG -> CodeGen (optimization & obfuscation) -> classes)

DAG Representation
(Figure: each method is a graph of basic blocks with its params feeding in; each basic block is itself a DAG of nodes)

Obfuscation Transforms
- Transient Variable Obfuscation
  – Offset, CRT, XOR, etc.
- Control Flow Obfuscation
  – Switchify, method and class merging
- Method combination
- Field access
- Introduction of dummy blocks
- Name regeneration
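As an added illustration (not JBET code), here are the three transient-variable encodings named above, offset, XOR and CRT, applied to the loop counter of the Simple Demo program shown later in the deck; the constants OFFSET, MASK, P and Q are arbitrary choices made for this example.

```java
// Constructed example, not JBET output: each use of the loop counter i goes
// through an encoding, so a reader of the transformed code sees only the
// encoded values.  Keys and moduli below are arbitrary.
public class VariableObfuscation {
    static final int OFFSET = 7919;
    static final int MASK = 0x5A3C96E1;
    static final int P = 251, Q = 257;   // coprime moduli for the CRT split

    // offset: store v + k, recover with v - k (int wrap-around is harmless)
    static int offsetEncode(int v) { return v + OFFSET; }
    static int offsetDecode(int e) { return e - OFFSET; }

    // XOR: store v ^ k; the same operation inverts it
    static int xorEncode(int v) { return v ^ MASK; }
    static int xorDecode(int e) { return e ^ MASK; }

    // CRT: a value in [0, P*Q) is held only as its residues mod P and mod Q
    static int[] crtEncode(int v) { return new int[] { v % P, v % Q }; }
    static int crtDecode(int[] r) {
        // Garner's form: x = r0 + P*t with x = r1 (mod Q)
        int t = ((r[1] - r[0]) % Q + Q) % Q * modInverse(P % Q, Q) % Q;
        return r[0] + P * t;
    }
    static int modInverse(int a, int m) {   // brute force is fine for small m
        for (int x = 1; x < m; x++) if ((a * x) % m == 1) return x;
        throw new IllegalArgumentException("not invertible");
    }

    public static void main(String[] args) {
        // The Simple Demo loop, with i never held in the clear between steps.
        int e = offsetEncode(0);                    // i = 0
        while (offsetDecode(e) < 10) {              // i < 10
            int x = xorEncode(offsetDecode(e));     // hand i on in XOR form
            int[] r = crtEncode(xorDecode(x));      // then as CRT residues
            System.out.println(crtDecode(r));       // prints i
            e = offsetEncode(offsetDecode(e) + 1);  // i++
        }
    }
}
```

The encode/decode pairs sit right next to each other here, which is exactly why the deck later says transient variable obfuscation on its own is easy to see through.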

Control Flow
- No method calls except
  – A few utility calls
  – Calls to external classes
- Internal simulated call stack
- Stub classes passed to external methods

Control Flow Obfuscation: Switchify
(Figure: before, block A leads to condition_1 choosing between B and C, and condition_2 choosing between D and E; after, a single switch dispatches among A, condition_1, D, condition_2, C, B, E and exit)

Merged Methods
(Figure: the separate methods push(), pop(), alloc(), free(), make_frame() and free_frame() are merged into a single internal() method behind push() and pop())

Class Merging
- Classes with native methods left separate
- Internal classes fully emulated, vanish

Method Calls
- Simulated call stack
- Virtual methods become a table of function addresses, stored as fields, subject to further obfuscation
- Alternative virtual dispatch mechanisms

Field Access
All variables replaced by refs to storage container class.

    class Memory {
        int[] I;     // I: ints (the JVM also holds boolean/byte/char/short as int)
        float[] F;   // F: floats
        Object[] L;  // L: object references
        long[] J;    // J: longs
        double[] D;  // D: doubles
        Memory[] N;  // N: further Memory containers
    }

The array names follow the JVM type descriptor letters.

Exceptions
- Semantics preserved but athrow not used
- Try/catch/throw internal to a method
  – Handler address known statically
- General
  – Emulated with dynamic list of active handlers

Simple Demo

    public class Test {
        public static void main(String[] a) {
            for (int i = 0; i < 10; i++) {
                System.out.println(i);
            }
        }
    }

- This is a hard program to obfuscate
- Transient variable obfuscation is easy to see through.
- Control flow obfuscation really works
  – Program grows in size
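An added example, not JBET output, of what the Simple Demo looks like once the Switchify transform has flattened it: the loop becomes a dispatcher over numbered blocks, the counter lives in a Memory storage container (Field Access slide), and the println is reached through an internal simulated call stack rather than a real call (Control Flow and Merged Methods slides). Block numbers, array sizes and the dummy block are arbitrary choices for this example.

```java
// Constructed example: the Simple Demo after control-flow flattening.
public class SwitchifiedTest {
    // Storage container standing in for JVM locals (see Field Access).
    static final class Memory {
        int[] I = new int[4];   // I[0] = loop counter, I[1] = stack pointer
        int[] S = new int[8];   // simulated call stack of return-block ids
    }

    public static void main(String[] a) {
        Memory m = new Memory();
        int block = 0;              // dispatcher state: which block runs next
        while (true) {
            switch (block) {
                case 0:             // entry: i = 0
                    m.I[0] = 0;
                    block = 1;
                    break;
                case 1:             // loop test: i < 10 ?
                    block = (m.I[0] < 10) ? 2 : 5;
                    break;
                case 2:             // "call" the print helper: push return block
                    m.S[m.I[1]++] = 3;
                    block = 4;
                    break;
                case 3:             // i++ and back to the test
                    m.I[0]++;
                    block = 1;
                    break;
                case 4:             // merged helper body: print, then "return"
                    System.out.println(m.I[0]);
                    block = m.S[--m.I[1]];
                    break;
                case 5:             // exit
                    return;
                default:            // dummy block, never reached at run time
                    block = 1;
            }
        }
    }
}
```

Every edge of the original loop is now a constant assignment to `block`, so a static reader has to recover the control-flow graph from the dispatcher values instead of reading it off the bytecode structure, which is where the size growth noted above comes from.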

Hard Demo
- DES test (public domain code)
  – 6 classes, 3179 lines
- More obfuscation
- Code volume and runtime increase

Demo

Results - Simple

    Obfuscation          Bytes
    none                 634   (1 class)
    Transient variable   835   (3 classes)
    Control flow               (3 classes)

Results - DES

    Obfuscation          Bytes
    none                       (6 classes)
    Transient variable         (3 classes)
    Control flow               (3 classes)

What’s Next
- More transforms
  – Plug-in architecture
- Optimum determination of transforms
  – Data flow driven
  – Metrics
- Speed and space improvement
- Integrate with agentlets

Administrative Info (Milestones)
- March 14, 2000: Start Date
- Feb. 28, 2001: Policy Specification and Architecture Report
- April 30, 2001: Prototype Distributed Agent Generation Tool
- Nov. 15, 2001: Obfuscation Techniques Evaluation Report
- March 15, 2002: Obfuscated Agentlet Prototype
- Dec. 15, 2002: Distributed, Self-Healing Obfuscated Agentlet Prototype
- Jan. 15, 2003: Final Report
- March 15, 2003: End Date

The End!

Commercial Obfuscators & Decompilers
- Severe limitations
- Obfuscation mostly limited to name removal

Deferred Java Features
- Floating point
- Reflection
- Serialization
- Synchronization

Java Challenges
- Typed memory management
- Java verifier
  – Forces correct type and stack at every point
- Limited control flow
- Rich program object

Static and Dynamic
- Static analysis
  – Branch loses information of where from
- Trace based analysis
  – Program slicing
  – Interpretive execution for given input
- Threading
  – Separate thread for interactions with environment
  – Nondeterministic execution

Ideal State Obfuscation
(Figure: POP feeding an obfuscation transform; the rest of the slide's content is not recoverable from the transcript)