Software obfuscation is a commonly used technique to protect software, especially against reverse-engineering attacks. It is a form of security through obscurity and is commonly used for intellectual property and Digi...
详细信息
ISBN:
(纸本)9781467380423
Software obfuscation is a commonly used technique to protect software, especially against reverse-engineering attacks. It is a form of security through obscurity and is commonly used for intellectual property and Digital Rights Management protection. However, this increase of security may come at the expense of increased vulnerabilities in another direction, hitherto unsuspected. In this paper, we propose and investigate the hypothesis that some of the most popular obfuscation techniques, including changing the control flow graph and substituting simpler instruction sequences with complex instructions, may make the obfuscated binary more vulnerable to return-orientedprogramming (ROP) based attacks. ROP is a comparatively recent technique used to exploit buffer-overflow vulnerabilities. We analyze the ROP gadgets present in both obfuscated and un-obfuscated versions of well known binaries. We show that the number of ROP gadgets in a binary significantly increase after obfuscation, and it can potentially make ROP-based exploits easier.
Control-flow integrity (CFI) is a general method for preventing code-reuse attacks, which utilize benign code sequences to achieve arbitrary code execution. CFI ensures that the execution of a program follows the edge...
详细信息
Control-flow integrity (CFI) is a general method for preventing code-reuse attacks, which utilize benign code sequences to achieve arbitrary code execution. CFI ensures that the execution of a program follows the edges of its predefined static Control-Flow Graph: any deviation that constitutes a CFI violation terminates the application. Despite decades of research effort, there are still several implementation challenges in efficiently protecting the control flow of function returns (return-oriented programming attacks). The set of valid return addresses of frequently called functions can be large and thus an attacker could bend the backward-edge CFI by modifying an indirect branch target to another within the valid return set. This article proposes RAGuard, an efficient and user-transparent hardware-based approach to prevent return-Oreiented programmingattacks. RAGuard binds a message authentication code (MAC) to each return address to protect its integrity. To guarantee the security of the MAC and reduce runtime overhead: RAGuard (1) computes the MAC by encrypting the signature of a return address with AES-128, (2) develops a key management module based on a Physical Unclonable Function (PUF) and a True Random Number Generator (TRNG), and (3) uses a dedicated register to reduce MACs' load and store operations of leaf functions. We have evaluated our mechanism based on the open-source LEON3 processor and the results show that RAGuard incurs acceptable performance overhead and occupies reasonable area.
Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer...
详细信息
Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security *** paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security *** particular,the review covers eight computer security problems being solved by applications of Deep Learning:security-oriented program analysis,defending return-orientedprogramming(ROP)attacks,achieving control-flow integrity(CFI),defending network attacks,malware classification,system-event-based anomaly detection,memory forensics,and fuzzing for software security.
暂无评论