Presentation is loading. Please wait.

Presentation is loading. Please wait.

Code Self-checking Techniques for Trusted-Flow Implementation Luca Tagliaferri

Similar presentations


Presentation on theme: "Code Self-checking Techniques for Trusted-Flow Implementation Luca Tagliaferri"— Presentation transcript:

1 Code Self-checking Techniques for Trusted-Flow Implementation Luca Tagliaferri

2 28 / 06 / 2004 Luca Tagliaferri Code checking mechanism What:What: –Verify that the executing program ina Java environment is accomplishing (only and all) its requested duty. How:How: –Inserting dynamically control code by an updatable Agent. –Monitoring the control flow Why:Why: –Unexpected code is prevented to be executed.

3 28 / 06 / 2004 Luca Tagliaferri Control Flow Mechanism A tool reads the original code and saves a regular expression describing the flow.A tool reads the original code and saves a regular expression describing the flow. The original program is monitored by a companion process called Checker (resident in a trusted area).The original program is monitored by a companion process called Checker (resident in a trusted area). The two processes communicate using sockets.The two processes communicate using sockets.

4 28 / 06 / 2004 Luca Tagliaferri Control Flow Checking R = AB|[C]*]D COND 1 COND 2 BLOCK 2 B BLOCK 3 C Begin End BLOCK 4 D BLOCK 1 A

5 28 / 06 / 2004 Luca Tagliaferri void main () { instr1; instr2; if (cond1) { instr4; instr5; instr6; if (cond1) { instr4; instr5; instr6; } else { while (cond2) { instr8; instr9; } } } }instr10;} Original Program S1 S2 S3 S4 S0 A BC C D D Socket Checker Agent int p[2]; socket (p); write (p,f(A) ); write (p,f(B) ); write (p,f(B) ); write (p,f(C) ); write (p,f(C) ); write (p,f(D) );

6 28 / 06 / 2004 Luca Tagliaferri S1 S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Original ProgramChecker AAAAAAAA

7 28 / 06 / 2004 Luca Tagliaferri S1 S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Original ProgramChecker A S0 S1

8 28 / 06 / 2004 Luca Tagliaferri S1 S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Original ProgramChecker BBBBBB

9 28 / 06 / 2004 Luca Tagliaferri S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Original ProgramChecker B S0 S1

10 28 / 06 / 2004 Luca Tagliaferri S1 S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Original ProgramChecker B S1 S2

11 28 / 06 / 2004 Luca Tagliaferri S1 S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Original ProgramChecker DDDDDDD

12 28 / 06 / 2004 Luca Tagliaferri S1 S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Original ProgramChecker D S2 S4 OK

13 28 / 06 / 2004 Luca Tagliaferri Detection In case an instruction in any block is modified the block itself is modified (or even a block is avoided)In case an instruction in any block is modified the block itself is modified (or even a block is avoided) The function f(block) returns a different value.The function f(block) returns a different value. The checker detects the hackingThe checker detects the hacking

14 28 / 06 / 2004 Luca Tagliaferri S1 S2 S3 S4 S0 A BC C D D void main () { int p[2]; socket (p); instr1; instr2; write (p,f(A) ); if (cond1) { instr4; instr5; instr6; write (p,f(B) ); } else { while (cond2) { instr8; instr9; write (p,f(C) ); } } instr10; write (p,f(D) ); } Socket Modified Original ProgramChecker B S2 S4 B fails

15 28 / 06 / 2004 Luca Tagliaferri Discussion What is f(x) ?What is f(x) ? A block sign function describing the flow execution and cyphered with a symmetric key How can it be hidden ?How can it be hidden ? Code obfuscation and appropriate key Can it be replaced ?Can it be replaced ? Frequent update


Download ppt "Code Self-checking Techniques for Trusted-Flow Implementation Luca Tagliaferri"

Similar presentations


Ads by Google