Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Buchtitelbild

2020 | OriginalPaper | Buchkapitel

UnderTracker: Binary Hardening Through Execution Flow Verification

verfasst von : Rajesh Shrivastava, Chittaranjan Hota, Govind Mittal, Zahid Akhtar

Erschienen in: Secure Knowledge Management In Artificial Intelligence Era

Verlag: Springer Singapore

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Programs are developed in a manner so that they execute and fulfill their intended purpose. In doing so, programmers trust the language to help them achieve their goals. Binary hardening is one such concept, which prevents program behavior deviation and conveys the intention of the programmer. Therefore, to maintain the integrity of the program, measures need to be taken to prevent code-tampering. The proposed approach enforces code verification from instruction-to-instruction by using the programmer’s intended control flow. UnderTracker enforces execution flow at the instruction cache by utilizing the read-only data-cache available in the program. The key idea is to place a control transfer code in data-cache and to call it from instruction cache via labels. UnderTracker injects labels into the binary without affecting the semantics of the program. After the code execution starts, it verifies every control point’s legality before passing the control to the next instruction, by passively monitoring the execution flow. This paper proposes an efficient technique, called UnderTracker, to strengthen the binary integrity of an I/O intensive running program, with the nominal overhead of only 5–6% on top of the normal execution.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Nächstes Kapitel Toward Relationship Based Access Control for Secure Sharing of Structured Cyber Threat Intelligence
Fußnoten
1
The estimates used above were chosen are as an example. They can be changed depending upon the use-case.
 
Literatur
1.
Marco-Gisbert, H., Ripoll, I.: Preventing brute force attacks against stack canary protection on networking servers. In: 2013 12th IEEE International Symposium on Network Computing and Applications (NCA), pp. 243–250. IEEE (2013)
2.
Wei, T., Wang, T., Duan, L., Luo, J.: Secure dynamic code generation against spraying. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 738–740. ACM (2010)
3.
Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.-R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 559–572. ACM (2010)
4.
Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-flow integrity principles, implementations, and applications. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(1), 4 (2009)CrossRef
5.
Burow, N., et al.: Control-flow integrity: precision, security, and performance. ACM Comput. Surv. (CSUR) 50(1), 16 (2017)CrossRef
6.
Zhang, C., et al.: Practical control flow integrity and randomization for binary executables. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 559–573. IEEE (2013)
7.
8.
Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When good instructions go bad: generalizing return-oriented programming to RISC. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 27–38. ACM (2008)
9.
Prandini, M., Ramilli, M.: Return-oriented programming. IEEE Secur. Priv. 10(6), 84–87 (2012)CrossRef
10.
Bittau, A., Belay, A., Mashtizadeh, A., Mazières, D., Boneh, D.: Hacking blind. In: 2014 IEEE Symposium on Security and Privacy, pp. 227–242. IEEE (2014)
11.
Wurster, G., Van Oorschot, P.C., Somayaji, A.: A generic attack on checksumming-based software tamper resistance. In: IEEE Symposium on Security and Privacy, 2005, pp. 127–138. IEEE (2005)
12.
Pappas, V., Polychronakis, M., Keromytis, A.D.: Transparent ROP exploit mitigation using indirect branch tracing. In: USENIX Security Symposium, pp. 447–462 (2013)
13.
Wang, M., Yin, H., Bhaskar, A.V., Su, P., Feng, D.: Binary code continent: finer-grained control flow integrity for stripped binaries. In: Proceedings of the 31st Annual Computer Security Applications Conference, pp. 331–340. ACM (2015)
14.
Xia, Y., Liu, Y., Chen, H., Zang, B.: CFIMon: detecting violation of control flow integrity using performance counters. In: 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1–12. IEEE (2012)
15.
Zhang, M., Sekar, R.: Control flow and code integrity for COTS binaries: an effective defense against real-world ROP attacks. In: Proceedings of the 31st Annual Computer Security Applications Conference, pp. 91–100. ACM (2015)
16.
Agrawal, H., et al.: Detecting hidden logic bombs in critical infrastructure software. In: International Conference on Cyber Warfare and Security. Academic Conferences International Limited (2012). Page 1
17.
Dang, T.H.Y., Maniatis, P., Wagner, D.: The performance cost of shadow stacks and stack canaries. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 555–566. ACM (2015)
18.
Ding, R., Qian, C., Song, C., Harris, B., Kim, T., Lee, W.: Efficient protection of path-sensitive control security. In: 26th USENIX Security Symposium (USENIX Security 2017), Vancouver, BC, pp. 131–148. USENIX Association (2017)
19.
Carlini, N., Barresi, A., Payer, M., Wagner, D., Gross, T.R.: Control-flow bending: on the effectiveness of control-flow integrity. In: USENIX Security Symposium, pp. 161–176 (2015)
20.
Das, S., Zhang, W., Liu, Y.: A fine-grained control flow integrity approach against runtime memory attacks for embedded systems. IEEE Trans. Very Large Scale Integr. VLSI Syst. 24(11), 3193–3207 (2016) CrossRef
21.
Andriesse, D., Bos, H., Slowinska, A.: Parallax: implicit code integrity verification using return-oriented programming. In: 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 125–135. IEEE (2015)
22.
Shrivastava, R., Hota, C., Shrivastava, P.: Protection against code exploitation using ROP and check-summing in IoT environment. In: 2017 5th International Conference on Information and Communication Technology (ICoICT 2017), Melaka, Malaysia, May 2017
23.
Hota, C., Shrivastava, R.K., Shipra, S.: Tamper-resistant code using optimal ROP gadgets for IoT devices. In: 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 570–575. IEEE (2017)
24.
Shrivastava, R.K., Mishra, S., Barua, S., Hota, C.: Resilient complex event processing in IoT using side-channel information. In: Proceedings of the 10th International Conference on Security of Information and Networks, pp. 80–87. ACM (2017)
25.
Christensen, H.K., Brodal, G.S.: Algorithms for finding dominators in directed graphs. Ph.D. thesis, Aarhus Universitet, Datalogisk Institut (2016)
26.
Lengauer, T., Tarjan, R.E.: A fast algorithm for finding dominators in a flowgraph. ACM Trans. Program. Lang. Syst. (TOPLAS) 1(1), 121–141 (1979)CrossRef
27.
Wilander, J., Nikiforakis, N., Younan, Y., Kamkar, M., Joosen, W.: RIPE: runtime intrusion prevention evaluator. In: Proceedings of the 27th Annual Computer Security Applications Conference, pp. 41–50. ACM (2011)
Metadaten
Titel
UnderTracker: Binary Hardening Through Execution Flow Verification
verfasst von
Rajesh Shrivastava
Chittaranjan Hota
Govind Mittal
Zahid Akhtar
Copyright-Jahr
2020
Verlag
Springer Singapore
Buch
Secure Knowledge Management In Artificial Intelligence Era

Print ISBN: 978-981-15-3816-2

Electronic ISBN: 978-981-15-3817-9

Copyright-Jahr: 2020

DOI
https://doi.org/10.1007/978-981-15-3817-9_1