Introduction Program File Authorization Security Theorem Active Code Authorization Authorization Logic Implementation considerations Conclusion.



2 Introduction Program File Authorization Security Theorem Active Code Authorization Authorization Logic Implementation considerations Conclusion

3 Most web browsers allow executable files to be dynamically downloaded, loaded and run from the internet. Desktop operating systems and many applications support feature extension by third-party vendors using plug-in technology. If the code comes from untrusted or unknown sources, or is infected by a computer virus, system security can be compromised by executing it. All PC operating systems provide only weak protections.

4 Signature-based malicious code scanning is the technique used for inspecting and authorizing executable code. Because of the undecidable nature of computer viruses, malicious code scanning can defend only against known attacks. This model adopts a combination of integrity measurement and access control. Original code, although not malicious itself, can be easily hijacked by clever hackers.


6 Notations: Denote the set of all objects $O$, all program files $p$ and the set of all subjects $S$. Definition 1: $\forall o \in O$, $I_o$ denotes a unique identifier of object $o$. $I$ denotes the set of all identifiers of objects in $O$, where $I = \{ I_o \mid \forall o \in O \}$. Definition 2: For $\forall o_1, o_2 \in O$, function $f_c$ can be used as an object integrity measurement function if it satisfies $cnt(o_1) \neq cnt(o_2) \Leftrightarrow f_c(o_1) \neq f_c(o_2)$.

7 If at Time 0 the system is secure, then no malicious code can be executed at any time. Suppose that at time $k$ there exists a program $p$ which is permitted to execute. Then at least $g(p) = U$ or $g(p) = W$ holds. Now suppose $p$ contains malicious code. Un-trusted Program Set Updating Rule (UPSUR): For any program $p$, if $g(p) = M$ or $g(p) = N$, then $P = P$, $V = V \cup \{p\}$. Program Authorization Rule (PAR2): $\forall v \in V$, $v$ is not allowed to run.

8 Authorizing executable files so that only trusted programs are allowed to run prevents malicious code and programs infected by computer viruses from being invoked. The key disadvantage of the program file authorization model is that it authorizes only static executable code. It assumes that a program remains trusted for as long as it is running. During buffer overflow attacks, attackers inject malicious code into the stack or heap. The model doesn't protect against this sort of attack because such attacks don't modify a program file.

9 Active code authorization is a supplement to program file authorization. It authorizes executable code on the fly, before it is executed. Unlike static executable file authorization, it is performed on a single code block instead of a whole program file. Divide a program file into an ordered sequence of octet vectors, and identify each of the octet vectors uniquely. If the current integrity signature of code block $p_i$ is the same as what it was at Time 0, then $g_p(p_i) = U$. In all other cases, $g_p(p_i) = N$.

10 (1) When to split a program file into a sequence of code blocks. Splitting here means organizing the program file as an ordered series of code blocks, rather than splitting it into several small files and storing them separately. An appropriate time to do this is at compile time, when the compiler can do it.

11 (2) How to split a program file into a reasonable sequence of code blocks. To exploit a buffer overflow vulnerability, an attacker must overwrite the return address of the vulnerable function, or simply a jump instruction, so that execution flow is directed to shellcode; execution then transfers directly to the start of a new code block.

12 (3) How to authorize a code block. Proof-Carrying Code can be used for implementing our active code authorization logic, in which the proof to verify is the integrity signatures of the code blocks. We can implement the proof checker file authorization model. Before executing a code block, we simply verify that the proof is valid.
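The per-block check described on slides 9 and 12, as an added example that is not part of the original presentation: a program image is split into ordered octet vectors, each block's Time-0 integrity signature is recorded, and every block is authorized immediately before it would run. The fixed block size, SHA-256 as the signature function, the program id "demo" and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac

BLOCK_SIZE = 16  # assumed fixed block length; the slides leave the split to the compiler

def split_blocks(code: bytes, size: int = BLOCK_SIZE) -> list:
    """Divide a program image into an ordered sequence of octet vectors."""
    return [code[i:i + size] for i in range(0, len(code), size)]

def signature(program_id: str, index: int, block: bytes) -> bytes:
    """Integrity signature of one block (SHA-256 is an assumed choice).

    Binding the program id and the block index identifies each octet vector
    uniquely, so a valid block copied to another position does not verify.
    """
    h = hashlib.sha256()
    h.update(program_id.encode() + b"\x00" + index.to_bytes(4, "big"))
    h.update(block)
    return h.digest()

def measure_at_time0(program_id: str, code: bytes) -> list:
    """Record the Time-0 signatures; this list must be stored write-protected."""
    return [signature(program_id, i, b) for i, b in enumerate(split_blocks(code))]

def g_p(program_id: str, index: int, block: bytes, baseline: list) -> str:
    """Return 'U' if the block's signature equals its Time-0 value, else 'N'."""
    if not 0 <= index < len(baseline):
        return "N"  # a block that did not exist at Time 0
    current = signature(program_id, index, block)
    return "U" if hmac.compare_digest(current, baseline[index]) else "N"

def run_authorized(program_id: str, image: bytes, baseline: list) -> list:
    """Authorize each block just before it would execute; stop at the first 'N'."""
    verdicts = []
    for i, block in enumerate(split_blocks(image)):
        verdicts.append(g_p(program_id, i, block, baseline))
        if verdicts[-1] == "N":
            break  # execution is refused from this block onward
    return verdicts

# Constructed sample: 48 bytes standing in for a program's code (three blocks).
ORIGINAL = bytes(range(48))
BASELINE = measure_at_time0("demo", ORIGINAL)

if __name__ == "__main__":
    modified = ORIGINAL[:20] + b"\xff" + ORIGINAL[21:]  # one octet changed in block 1
    print(run_authorized("demo", ORIGINAL, BASELINE))
    print(run_authorized("demo", modified, BASELINE))
    print(run_authorized("demo", ORIGINAL + b"X" * 16, BASELINE))
```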

13 Because all trusted programs are known and small, it is feasible to authorize the program files by integrity signatures. The code authorization model is introduced based on this idea. The model is not limited by the undecidability result for computer viruses, and it is able to defend against unknown malicious code. To defend against runtime hijacking of executable code, we propose an active authorization scheme that extends program file authorization.

14 F. Cohen: "Computer Viruses: Theory and Experiments", Computers & Security. G. C. Necula: "Proof-Carrying Code", Proceedings on Principles of Programming Languages. Chen Zhameo: "Research of Secure Operating System for Malicious Code Defending".

15 Queries???

16 Thank You!!!

