Presentation is loading. Please wait.

Presentation is loading. Please wait.

Casper / Codiva Compiler-assisted securing of programs at runtime Code diversity –Protection from most stack-smashing attacks void function(int x, float.

Similar presentations


Presentation on theme: "Casper / Codiva Compiler-assisted securing of programs at runtime Code diversity –Protection from most stack-smashing attacks void function(int x, float."— Presentation transcript:

1 Casper / Codiva Compiler-assisted securing of programs at runtime Code diversity –Protection from most stack-smashing attacks void function(int x, float y, char* s) { int a; int b; char buffer[SIZE]; int c;... ; strcpy(buffer, s);... } Compiler-assisted securing of programs at runtime Code diversity –Protection from most stack-smashing attacks Available as patches: –Compiler: gcc-2.95 –Debugger: gdb-5.2.1 0xBadAdda0... (“/bin/sh”) exec PC ret. addr := 32-bit XOR ret. addr

2 Casper – future work Activation records –automatically managed –randomised layout Heap smashing techniques –break type-system –corrupt malloc data Diversified research –Languages, Compilers: C++, Sun CC, Visual C++ –Other architectures: Solaris, Alpha (DLX ;-)

3 Worklets Java-based mobile agent system Code transportation and dynamic integration mechanism

4 Worklets – past projects Dan Phung, Alex Bogomolov Micro-control of junctions –repeat, start-condition, etc. Registration and discovery mechanism Security –encryption, authentication and authorisation Optimised Worklet transportation –Workgroup Cache –Partial compression


Download ppt "Casper / Codiva Compiler-assisted securing of programs at runtime Code diversity –Protection from most stack-smashing attacks void function(int x, float."

Similar presentations


Ads by Google