Code Self-checking Techniques for Trusted-Flow Implementation Luca Tagliaferri

Presentation transcript:

Code Self-checking Techniques for Trusted-Flow Implementation Luca Tagliaferri

28 / 06 / 2004 Luca Tagliaferri

Code checking mechanism
What:
– Verify that the program executing in a Java environment is accomplishing (only and all) its requested duty.
How:
– Dynamically inserting control code by means of an updatable Agent.
– Monitoring the control flow.
Why:
– Unexpected code is prevented from being executed.

Control Flow Mechanism
– A tool reads the original code and saves a regular expression describing the flow.
– The original program is monitored by a companion process called Checker (resident in a trusted area).
– The two processes communicate using sockets.

Control Flow Checking
R = A[B|[C]*]D
[Figure: flowchart from Begin to End with BLOCK 1 (A), COND 1, BLOCK 2 (B), COND 2, BLOCK 3 (C), BLOCK 4 (D).]

Original Program:

    void main () {
        instr1; instr2;
        if (cond1) {
            instr4; instr5; instr6;
        } else {
            while (cond2) {
                instr8; instr9;
            }
        }
        instr10;
    }

Agent:

    int p[2];
    socket (p);
    write (p, f(A));
    write (p, f(B));
    write (p, f(C));
    write (p, f(D));

[Figure: the Original Program is connected through a Socket to the Checker, a state machine with states S0, S1, S2, S3, S4 and transitions labelled A, B, C, C, D, D.]

Original Program with the control code inserted:

    void main () {
        int p[2];
        socket (p);
        instr1; instr2;
        write (p, f(A));
        if (cond1) {
            instr4; instr5; instr6;
            write (p, f(B));
        } else {
            while (cond2) {
                instr8; instr9;
                write (p, f(C));
            }
        }
        instr10;
        write (p, f(D));
    }

[Figure: Original Program, Socket and Checker (states S0 to S4, transitions A, B, C, C, D, D); this animation frame shows the token A.]

[Further animation frames of the same slide; the instrumented program and the Checker state machine are unchanged, only the annotations differ:]
– token A; states S0, S1
– token B
– token B; states S0, S1
– token B; states S1, S2
– token D
– token D; states S2, S4; OK

Detection
– If an instruction in any block is modified, the block itself is modified (or a block may even be skipped).
– The function f(block) returns a different value.
– The Checker detects the tampering.

[Animation frame of the same slide, with the Original Program labelled "Modified": token B; states S2, S4; "B fails".]

Discussion
What is f(x)?
– A block signature function describing the execution flow, encrypted with a symmetric key.
How can it be hidden?
– Code obfuscation and an appropriate key.
Can it be replaced?
– Frequent update.
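
The check described on the Control Flow, Detection and Discussion slides, as an added example that is not part of the original presentation: a Checker that recomputes f(block) with a shared key and walks the state machine for the slide program. HMAC-SHA256 as f, the key, the block bytes, the in-process replay in place of a socket, and the exact edge layout (including the S1 -D-> S4 edge for a loop that runs zero times) are assumptions.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: symmetric key shared by Agent and Checker
# Constructed stand-ins for the code of blocks A-D of the slide program.
BLOCKS = {"A": b"instr1;instr2;", "B": b"instr4;instr5;instr6;",
          "C": b"instr8;instr9;", "D": b"instr10;"}
# Checker automaton for R = A[B|[C]*]D. The edge layout is reconstructed from the
# slide labels; S1 -D-> S4 (loop body never runs) follows from [C]* and is added here.
TRANSITIONS = {("S0", "A"): "S1", ("S1", "B"): "S2", ("S1", "C"): "S3",
               ("S3", "C"): "S3", ("S2", "D"): "S4", ("S3", "D"): "S4",
               ("S1", "D"): "S4"}

def f(block_bytes: bytes, key: bytes = KEY) -> bytes:
    """Block signature: keyed digest of the block's code (HMAC-SHA256 is an assumption)."""
    return hmac.new(key, block_bytes, hashlib.sha256).digest()

class Checker:
    def __init__(self, reference_blocks, key=KEY):
        # Expected tags are computed from the trusted copy of each block.
        self.expected = {name: f(code, key) for name, code in reference_blocks.items()}
        self.state = "S0"
        self.failed = False

    def receive(self, tag: bytes) -> bool:
        """Advance on a received tag; a tag not allowed in the current state fails the run."""
        if self.failed:
            return False
        for (state, label), nxt in TRANSITIONS.items():
            if state == self.state and hmac.compare_digest(tag, self.expected[label]):
                self.state = nxt
                return True
        self.failed = True
        return False

    def accepted(self) -> bool:
        return not self.failed and self.state == "S4"

def run(trace, program_blocks):
    """Replay the tags a program would write to the socket for the given block trace."""
    checker = Checker(BLOCKS)
    for name in trace:
        if not checker.receive(f(program_blocks[name])):
            return f"{name} fails in {checker.state}"
    return "OK" if checker.accepted() else f"incomplete in {checker.state}"
```

Calling run("ABD", BLOCKS) reproduces the accepted walk-through from the slides, while a program whose block B bytes differ from the reference is rejected at B, and a trace that skips or reorders blocks is rejected at the first tag that has no edge from the current state.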