Published in: Information Systems Frontiers 4/2021

12-01-2021

UnderTracker: Generating Robust Binaries Using Execution Flow Traces

Authors: Rajesh Kumar Shrivastava, Chittaranjan Hota

Abstract

Programs are developed in a manner so that they execute and fulfill their intended purpose. In doing so, programmers trust the language to help them achieve their goals. Binary hardening is one such concept that prevents program behavior deviation and conveys the programmer’s intention. Therefore, to maintain the integrity of the program, measures need to be taken to avoid code-tampering. The proposed approach enforces code verification from instruction-to-instruction by using the programmer’s intended control flow. UnderTracker implements execution flow at the instruction cache by utilizing the read-only data-cache available in the program. The key idea is to place a control transfer code in data-cache and call it from instruction cache via labels. UnderTracker injects labels into the binary without affecting the semantics of the program. After the code execution starts, it verifies every control point’s legality before passing the control to the next instruction, by passively monitoring the execution flow. We proposed a cache-based monitoring method to verify code integrity. In this, we used side-channel information to monitor the program’s execution state. This monitoring system uses a sliding window scheme to detect the violation of code integrity with high reliability. This paper proposes an efficient technique, called UnderTracker to strengthen the binary integrity of an I/O intensive running program, with the nominal overhead of only 5-6% on top of the normal execution.

Metadata
Title
UnderTracker: Generating Robust Binaries Using Execution Flow Traces
Authors
Rajesh Kumar Shrivastava
Chittaranjan Hota
Publication date
12-01-2021
Publisher
Springer US
Published in
Information Systems Frontiers / Issue 4/2021
Print ISSN: 1387-3326
Electronic ISSN: 1572-9419
DOI
https://doi.org/10.1007/s10796-020-10095-4