Minos: Control Data Attack Prevention Orthogonal to Memory Model (2004)

by J Crandall, F Chong
Venue: Proc. MICRO

Results 1 - 10 of 202

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

by William Enck, Landon P. Cox, Jaeyeon Jung, et al., 2010
Cited by 527 (26 self)
Today’s smartphone operating systems fail to provide users with adequate control and visibility into how third-party applications use their private data. We present TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system for the popular Android platform that can simultaneously track multiple sources of sensitive data. TaintDroid’s efficiency to perform real-time analysis stems from its novel system design that leverages the mobile platform’s virtualized system architecture. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark with little, if any, perceivable overhead when running third-party applications. We use TaintDroid to study the behavior of 30 popular third-party Android applications and find several instances of misuse of users’ private information. We believe that TaintDroid is the first working prototype demonstrating that dynamic taint tracking and analysis provides informed use of third-party applications in existing smartphone operating systems.

Vigilante: End-to-End Containment of Internet Worm Epidemics

by Manuel Costa, Jon Crowcroft, Miguel Castro, Antony Rowstron, Lidong Zhou, Lintao Zhang, Paul Barham, 2008
Cited by 304 (6 self)
Worm containment must be automatic because worms can spread too fast for humans to respond. Recent work proposed network-level techniques to automate worm containment; these techniques have limitations because there is no information about the vulnerabilities exploited by worms at the network level. We propose Vigilante, a new end-to-end architecture to contain worms automatically that addresses these limitations. In Vigilante, hosts detect worms by instrumenting vulnerable programs to analyze infection attempts. We introduce dynamic data-flow analysis: a broad-coverage host-based algorithm that can detect unknown worms by tracking the flow of data from network messages and disallowing unsafe uses of this data. We also show how to integrate other host-based detection mechanisms into the Vigilante architecture. Upon detection, hosts generate self-certifying alerts (SCAs), a new type of security alert that can be inexpensively verified by any vulnerable host. Using SCAs, hosts can cooperate to contain an outbreak, without having to trust each other. Vigilante broadcasts SCAs over an overlay network that propagates alerts rapidly and resiliently. Hosts receiving an SCA protect themselves by generating filters with vulnerability condition slicing: an algorithm that performs dynamic analysis of the vulnerable program to identify control-flow conditions that lead

Citation Context

...adeoffs between coverage and overhead [47, 10, 23, 21, 16, 4, 9, 30, 2]. We implemented SCA generation for two different detection engines: non-executable (NX) pages [1] and dynamic dataflow analysis [43, 9, 11, 30]. We chose these engines because they represent extreme points in the tradeoff between coverage and overhead: the first detector has low overhead but low coverage whereas the second has high overhead ...

Panorama: Capturing system-wide information flow for malware detection and analysis

by Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, Engin Kirda - In Proceedings of the 14th ACM Conferences on Computer and Communication Security (CCS’07), 2007
Cited by 195 (28 self)
Malicious programs spy on users’ behavior and compromise their privacy. Even software from reputable vendors, such as Google Desktop and Sony DRM media player, may perform undesirable actions. Unfortunately, existing techniques for detecting malware and analyzing unknown code samples are insufficient and have significant shortcomings. We observe that malicious information access and processing behavior is the fundamental trait of numerous malware categories breaching users’ privacy (including keyloggers, password thieves, network sniffers, stealth backdoors, spyware and rootkits), which separates these malicious applications from benign software. We propose a system, Panorama, to detect and analyze malware by capturing this fundamental trait. In our extensive experiments, Panorama successfully detected all the malware samples and had very few false positives. Furthermore, by using Google Desktop as a case study, we show that our system can accurately capture its information access and processing behavior, and we can confirm that it does send back sensitive information to remote servers in certain settings. We believe that a system such as Panorama will offer indispensable assistance to code analysts and malware researchers by enabling them to quickly comprehend the behavior and inner workings of an unknown sample.

Citation Context

...ieved through dynamic translation and caching) when compared to previous processor emulators such as Bochs [5]. Our hardware-level taint tracking is similar in spirit to a number of previous systems [10, 26, 13, 35, 12]. However, since our goal is to enable whole-system fine-grained taint analysis, our design and implementation is the most complete. For example, previous approaches either operate on a single process...

Non-control-data attacks are realistic threats

by Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, Ravishankar K. Iyer - In USENIX Security Symposium, 2005
Cited by 185 (6 self)
Most memory corruption attacks and Internet worms follow a familiar pattern known as the control-data attack. Hence, many defensive techniques are designed to protect program control flow integrity. Although earlier work did suggest the existence of attacks that do not alter control flow, such attacks are generally believed to be rare against real-world software. The key contribution of this paper is to show that non-control-data attacks are realistic. We demonstrate that many real-world applications, including FTP, SSH, Telnet, and HTTP servers, are vulnerable to such attacks. In each case, the generated attack results in a security compromise equivalent to that due to the control-data attack exploiting the same security bug. Non-control-data attacks corrupt a variety of application data including user identity data, configuration data, user input data, and decision-making data. The success of these attacks and the variety of applications and target data suggest that potential attack patterns are diverse. Attackers are currently focused on control-data attacks, but it is clear that when control flow protection techniques shut them down, they have incentives to study and employ non-control-data attacks. This paper emphasizes the importance of future research efforts to address this realistic threat.

Citation Context

...omization [4][6]; and others rely on control flow integrity for security, such as system call based intrusion detection techniques [17][18][19][21][22][23][34][47], control data protection techniques [10][35][42], and nonexecutable-memory-based protections [1][41]. In addition to demonstrating the general applicability of non-control-data attacks, this paper can also be viewed as a step toward a more ...

BitBlaze: A new approach to computer security via binary analysis

by Dawn Song, David Brumley, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, Prateek Saxena - In Proceedings of the 4th International Conference on Information Systems Security, 2008
Cited by 140 (18 self)
In this paper, we give an overview of the BitBlaze project, a new approach to computer security via binary analysis. In particular, BitBlaze focuses on building a unified binary analysis platform and using it to provide novel solutions to a broad spectrum of different security problems. The binary analysis platform is designed to enable accurate analysis, provide an extensible architecture, and combines static and dynamic analysis as well as program verification techniques to satisfy the common needs of security applications. By extracting security-related properties from binary programs directly, BitBlaze enables a principled, root-cause based approach to computer security, offering novel and effective solutions, as demonstrated with over a dozen different security applications.

Citation Context

...able in future versions. 4.3 Taint Analysis Engine. Our dynamic taint analysis is similar in spirit to a number of previous systems [16, 35, 18, 38, 17]. However, since our goal is to support a broad spectrum of different applications, our design and implementation is the most complete. For example, previous approaches either operate on a single proc...

Raksha: A Flexible Information Flow Architecture for Software Security

by Michael Dalton, Hari Kannan, Christos Kozyrakis - In International Symposium on Computer Architecture (ISCA), 2007
Cited by 127 (7 self)
High-level semantic vulnerabilities such as SQL injection and cross-site scripting have surpassed buffer overflows as the most prevalent security exploits. The breadth and diversity of software vulnerabilities demand new security solutions that combine the speed and practicality of hardware approaches with the flexibility and robustness of software systems. This paper proposes Raksha, an architecture for software security based on dynamic information flow tracking (DIFT). Raksha provides three novel features that allow for a flexible hardware/software approach to security. First, it supports flexible and programmable security policies that enable software to direct hardware analysis towards a wide range of high-level and low-level attacks. Second, it supports multiple active security policies that can protect the system against concurrent attacks. Third, it supports low-overhead security handlers that allow software to correct, complement, or extend the hardware-based analysis without the overhead associated with operating system traps. We present an FPGA prototype for Raksha that provides a full-featured Linux workstation for security analysis. Using unmodified binaries for real-world applications, we demonstrate that Raksha can detect high-level attacks such as directory traversal, command injection, SQL injection, and cross-site scripting as well as low-level attacks such as buffer overflows. We also show that low-overhead exception handling is critical for analyses such as memory corruption protection in order to address false positives that occur due to the diverse code patterns in frequently used software.

Citation Context

... command or dereferencing a tagged pointer, a security exception is raised. The generality of the DIFT model has led to the development of several software [4, 14, 5, 28, 13, 18, 15, 21] and hardware [24, 6, 2] implementations. Nevertheless, current DIFT systems do not exhibit all of the characteristics listed above. Software DIFT is flexible, as it can enforce arbitrary policies and adapt to different type...

Dynamic Spyware Analysis

by Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin - In Proceedings of the 2007 Usenix Annual Conference (Usenix’07), 2007
Cited by 110 (19 self)
Spyware is a class of malicious code that is surreptitiously installed on victims’ machines. Once active, it silently monitors the behavior of users, records their web surfing habits, and steals their passwords. Current anti-spyware tools operate in a way similar to traditional virus scanners. That is, they check unknown programs against signatures associated with known spyware instances. Unfortunately, these techniques cannot identify novel spyware, require frequent updates to signature databases, and are easy to evade by code obfuscation. In this paper, we present a novel dynamic analysis approach that precisely tracks the flow of sensitive information as it is processed by the web browser and any loaded browser helper objects. Using the results of our analysis, we can identify unknown components as spyware and provide comprehensive reports on their behavior. The techniques presented in this paper address limitations of our previous work on spyware detection and significantly improve the quality and richness of our analysis. In particular, our approach allows a human analyst to observe the actual flows of sensitive data in the system. Based on this information, it is possible to precisely determine which sensitive data is accessed and where this data is sent to. To demonstrate the effectiveness of the detection and the comprehensiveness of the generated reports, we evaluated our system on a substantial body of spyware and benign samples.

Citation Context

...t Propagation Data Dependencies. Tainting allows to tag data elements of interest and track their propagation throughout the system. Similar to a number of previous systems that use taint propagation [2, 6, 7, 22, 23], our taint analysis is capable of tracking data dependencies. To this end, the taint engine marks all bytes of the output of an operation as tainted whenever any byte of any input operand is tainted....

Securing Software by Enforcing Data-flow Integrity

by Miguel Castro - In Proceedings of the 7th Symposium on Operating Systems Design and Implementation, 2006
Cited by 110 (6 self)
Software attacks often subvert the intended data-flow in a vulnerable program. For example, attackers exploit buffer overflows and format string vulnerabilities to write data to unintended locations. We present a simple technique that prevents these attacks by enforcing data-flow integrity. It computes a data-flow graph using static analysis, and it instruments the program to ensure that the flow of data at runtime is allowed by the data-flow graph. We describe an efficient implementation of data-flow integrity enforcement that uses static analysis to reduce instrumentation overhead. This implementation can be used in practice to detect a broad class of attacks and errors because it can be applied automatically to C and C++ programs without modifications, it does not have false positives, and it has low overhead.

Citation Context

...plied to existing C and C++ programs automatically because it requires no modifications and it does not generate false positives. There are many proposals to prevent attacks on software, for example, [30, 24, 27, 5, 18, 34, 31, 16, 19, 13, 37]. CCured [30] and Cyclone [24] propose memory-safe dialects of C that prevent all these attacks. The disadvantage of these approaches is that the effort to port existing C code to these dialects is non...

Argos: an emulator for fingerprinting zero-day attacks

by Georgios Portokalidis, Asia Slowinska, Herbert Bos - in Proc. ACM SIGOPS EUROSYS’2006, 2006
Cited by 108 (22 self)
for advertised honeypots with automatic signature generation

Citation Context

... solutions in software. These are two rather different approaches, and each approach has important implications. For our purposes, the two most important representatives of these approaches are Minos [12] and Vigilante [28], respectively. Minos does not generate signatures at all and for cost-effective deployment relies on implementation in hardware. Moreover, by looking at physical addresses only, it ...

Automatically Patching Errors in Deployed Software

by Jeff H. Perkins, Sunghun Kim, Sam Larsen, Saman Amarasinghe, Jonathan Bachrach, Michael Carbin, Carlos Pacheco, Frank Sherwood, Stelios Sidiroglou, Greg Sullivan, Weng-fai Wong, Yoav Zibin, Michael D. Ernst, Martin Rinard, 2009
Cited by 102 (20 self)
We present ClearView, a system for automatically patching errors in deployed software. ClearView works on stripped Windows x86 binaries without any need for source code, debugging information, or other external information, and without human intervention. ClearView (1) observes normal executions to learn invariants that characterize the application’s normal behavior, (2) uses error detectors to monitor the execution to detect failures, (3) identifies violations of learned invariants that occur during failed executions, (4) generates candidate repair patches that enforce selected invariants by changing the state or the flow of control to make the invariant true, and (5) observes the continued execution of patched applications to select the most successful patch. ClearView is designed to correct errors in software with high availability requirements. Aspects of ClearView that make it particularly