Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operating System Protection Through Program Evolution

Published byHeather Russell Modified over 6 years ago

Similar presentations

Presentation on theme: "Operating System Protection Through Program Evolution"— Presentation transcript:

1 Operating System Protection Through Program Evolution
By Dr. Frederick B. Cohen Presented by William Lu

2 The Ultimate Attack How to defeat defensive measures of a system?
Gain physical access to the system Reverse engineer defenses Find weak link and exploit

3 The Ultimate Defense How to defend against attackers
Make attacks extremely complex Make costs too high to be worth attacking i.e. passwords Large space Spread out probability density (diffusion) Obscuring stored information (confusion) How to defend against attackers In practice, password space is huge but human methods of password selection leads to a high probability of select words.

4 The Ultimate Defense Current operating systems
Space is enormous (all programs that fit in memory) High probability subspace (very small number of versions) No confusion No confusion – the part of the program that performs any given operation is apparent

5 The Ultimate Defense How to increase operating system defenses?
Reducing coherence How? Unique defense for each system Feasibility? Too many unique defenses to design Compromise? Implement a fixed number of defenses

6 The Ultimate Defense More practical solution? Goal?
Evolutionary defenses Goal? Produce a large search space Provide confusion Provide diffusion With more evolution, there’s less performance, but higher cost of attack

7 (some) Techniques for Program Evolution
Equivalent instruction sequences Instruction reordering Variable substitution

8 Equivalent Instruction Sequences
What does it do? Replaces instruction sequences with equivalent sequences i.e. add 17 is equivalent to add 20 and subtract 3 How does it help defend against attacks? As evolution increases so does time and space Potentially infinite evolutions Creates enormous possible executions

9 Instruction Reordering
What does it do? Reorders instructions without altering program execution Order does not matter How does it help defend against attacks? Typical system call involves setting a series of values. Values are independent and can be set in any order. Assigning independent values can be reordered Increases complexity of attacks to n! different orderings (n = # of different instructions)

10 Instruction Reordering
3 different instructions 6 different forms I=3 J=5 K=8

11 Variable Substitution
What does it do? Alters the location of memory storage areas How does it help defend against attacks? Prevents static examination and analysis of parameters Move variables to different locations to prevent patterns without affecting program execution

12 (and other) techniques?
What to do with these (and other) techniques?

13 Providing Evolution in Defenses
How to evolve? Select a mix of evolution techniques Increase complexity while minimizing impact on end users

14 Providing Evolution in Defenses
When to evolve? At the factory? Uniquely identify each disk sent out Reduced efficiency At installation? Unique tracking number, unique registration numbers Evolution at installation can take place while installer is asking for user input or swapping of disks. Crucial to have unique and confidential evolution Takes time at end user level

15 Providing Evolution in Defenses
When to evolve? After installation? Cannot assure against corruption Cannot trust internal checking Attack that succeeds on one day may fail the next Unique tracking number, unique registration numbers Evolution at installation can take place while installer is asking for user input or swapping of disks.

16 Attacks on Program Evolution
Points of Attack Tracing Attack

17 Point of Attack How? How to defend against it?
Find original entry point and exploit it Gain direct access to hardware or operating system internals How to defend against it? Evolve the core of the operating system Evolving the calling mechanism Calls that bypass protection may be of the wrong form Used by viruses

18 Tracing Attacks How? How to defend against it?
Trace programs at execution or simulation How to defend against it? Use redundancy Force attacker to use tracing on each attack

19 Conclusion Program evolution can increase the complexity for an attacker Create a large search space to make attacks infeasible Need more study to reach maturity

Download ppt "Operating System Protection Through Program Evolution"

Similar presentations

On the Genetic Evolution of a Perfect Tic-Tac-Toe Strategy

On the Genetic Evolution of a Perfect Tic-Tac-Toe Strategy
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Memory Management Design & Implementation Segmentation Chapter 4.

Memory Management Design & Implementation Segmentation Chapter 4.
Operating System Support Focus on Architecture

Operating System Support Focus on Architecture
Understanding Operating Systems1 Operating Systems Virtual Memory Thrashing Single-User Contiguous Scheme Fixed Partitions Dynamic Partitions.

Understanding Operating Systems1 Operating Systems Virtual Memory Thrashing Single-User Contiguous Scheme Fixed Partitions Dynamic Partitions.
CS-3013 & CS-502, Summer 2006 Memory Management1 CS-3013 & CS-502 Summer 2006.

CS-3013 & CS-502, Summer 2006 Memory Management1 CS-3013 & CS-502 Summer 2006.
TEST CASE DESIGN Prepared by: Fatih Kızkun. OUTLINE Introduction –Importance of Test –Essential Test Case Development A Variety of Test Methods –Risk.

TEST CASE DESIGN Prepared by: Fatih Kızkun. OUTLINE Introduction –Importance of Test –Essential Test Case Development A Variety of Test Methods –Risk.
Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.

Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.
Secure Embedded Processing through Hardware-assisted Run-time Monitoring Zubin Kumar.

Secure Embedded Processing through Hardware-assisted Run-time Monitoring Zubin Kumar.
Process Management A process is a program in execution. It is a unit of work within the system. Program is a passive entity, process is an active entity.

Process Management A process is a program in execution. It is a unit of work within the system. Program is a passive entity, process is an active entity.
Vulnerability-Specific Execution Filtering (VSEF) for Exploit Prevention on Commodity Software Authors: James Newsome, James Newsome, David Brumley, David.

Vulnerability-Specific Execution Filtering (VSEF) for Exploit Prevention on Commodity Software Authors: James Newsome, James Newsome, David Brumley, David.
Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,

Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,
Simulation of Memory Management Using Paging Mechanism in Operating Systems Tarek M. Sobh and Yanchun Liu Presented by: Bei Wang University of Bridgeport.

Simulation of Memory Management Using Paging Mechanism in Operating Systems Tarek M. Sobh and Yanchun Liu Presented by: Bei Wang University of Bridgeport.
Defining Anomalous Behavior for Phase Change Memory

Defining Anomalous Behavior for Phase Change Memory
1 Memory Management Memory Management COSC513 – Spring 2004 Student Name: Nan Qiao Student ID#: 104454 Professor: Dr. Morteza Anvari.

1 Memory Management Memory Management COSC513 – Spring 2004 Student Name: Nan Qiao Student ID#: Professor: Dr. Morteza Anvari.
A Computer Science Tapestry 1 Recursion (Tapestry 10.1, 10.3) l Recursion is an indispensable technique in a programming language ä Allows many complex.

A Computer Science Tapestry 1 Recursion (Tapestry 10.1, 10.3) l Recursion is an indispensable technique in a programming language ä Allows many complex.
Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,

Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,
 a crime committed on a computer network, esp. the Internet.

 a crime committed on a computer network, esp. the Internet.
1 “Operating System Protection Through Program Evolution” Dr. Frederick B. Cohen “…one of the major reasons attacks succeed is because of the static nature.

1 “Operating System Protection Through Program Evolution” Dr. Frederick B. Cohen “…one of the major reasons attacks succeed is because of the static nature.

Similar presentations

Ads by Google