
StIns4CS: A State Inspection Tool for C#



  1. StIns4CS: A State Inspection Tool for C#
     Amjad Ibrahim, Sebastian Banescu, Prof. Dr. Alexander Pretschner
     Affiliation: Technische Universität München, Fakultät für Informatik, Lehrstuhl XXII für Software Engineering

  2. INTRODUCTION

  3. Software Tampering
     • Context: Running an application on a platform controlled by an adversary
     • Attacks: Unauthorized modification of software
     • Consequence: Retail value of pirated software is $63 billion in 2013 [13]

  4. How to protect a software
     Software Protection (Falcarin et al. [6]):
     • Obfuscation
     • Tamper-Proofing
     • Watermarking
     • Birthmarking

  5. Contributions
     • The design and implementation of StateInspection4CSharp tool.
     • Symbolic execution to generate the set of input-output pairs for a certain set of functions.
     • Evaluation of the performance and stealth of StIns4CS with various response mechanisms.
     • A method to increase the stealth of the response mechanism by degrading results.

  6. StIns4CS

  7. The Concept
     [Diagram: C# source code → StIns4CS → tamper-proofed C# source code]
     • State Inspection [4]
     • Integrity of pure functions
     • Random networks of guards
     • A configurable response mechanism

  8. Guard

  9. Code Guard Network
     Original Methods [F1, F2, F3, F4, F5, F6, F7, F8] → Shuffled Methods [F3, F2, F7, F1, F6, F8, F4, F5]
     [Figure: guard network with nodes F3, F6, F2, F1, F5, F8, F7, F4]

  10. Stack Inspection Stack overflow

  11. Transformation Workflow
     [Workflow diagram; stage labels: Static Code Analysis, Method assertions Generation, Checkers Networks Generation, Checkers Creation and Insertion, Responders insertion]
     • Responses in case of detecting a tampering
       • Immediate crash
       • Delayed crash
       • Do nothing
       • Remote logging

  12. Primitive combination
     • Sabotaging the return values
     • Incorporating results of the check with return value
     Benefits
     1. Hides the comparison
     2. Hides the response
     3. Adds diversity to the protection code

  13. Primitive combination: Example
     return result.Substring(expected - output);
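
The primitive combination from slides 12 and 13, as an added C# example (not StIns4CS output and not code from the presentation): an explicit guard beside the combined form, where the check result becomes the `Substring` offset. `Add`, `PatchedAdd`, the constructed pair (2, 3) → 5, the delegate parameter used to simulate a patch, and the clamping of the offset are assumptions made for this illustration.

```csharp
using System;
using System.Globalization;

static class PrimitiveCombinationDemo
{
    // Hypothetical pure function whose integrity is being checked.
    static int Add(int a, int b) => a + b;

    // Stand-in for a patched copy of Add; exists only to simulate tampering.
    static int PatchedAdd(int a, int b) => a + b + 1;

    // Constructed input-output pair for Add. The slides obtain such pairs
    // by symbolic execution; here it is written by hand.
    const int InA = 2, InB = 3, Expected = 5;

    static string Format(int cents) =>
        (cents / 100.0).ToString("F2", CultureInfo.InvariantCulture);

    // Explicit guard: comparison and response are separate, visible statements,
    // which is the shape an if-statement pattern search looks for.
    static string FormatExplicit(int cents, Func<int, int, int> add)
    {
        if (add(InA, InB) != Expected)
            throw new InvalidOperationException("tamper response"); // immediate crash
        return Format(cents);
    }

    // Primitive combination: no branch and no response call. The difference
    // between expected and observed output is the Substring offset, so an
    // intact Add yields offset 0 (full result) and a patched Add silently
    // degrades the return value. Clamping keeps the offset within the string
    // so the degradation never surfaces as an exception (assumption).
    static string FormatCombined(int cents, Func<int, int, int> add)
    {
        string result = Format(cents);
        int diff = Math.Abs(Expected - add(InA, InB));
        return result.Substring(Math.Min(diff, result.Length));
    }

    static void Main()
    {
        Console.WriteLine(FormatCombined(1999, Add));         // intact function
        Console.WriteLine(FormatCombined(1999, PatchedAdd));  // degraded result
        try { FormatExplicit(1999, PatchedAdd); }
        catch (InvalidOperationException e) { Console.WriteLine(e.Message); }
    }
}
```

In generated code the guard would call the checked method directly; the delegate is here only so the same guard can be run against an intact and a patched function.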

  14. EVALUATION
     • Effectiveness against static and dynamic patching
     • Stealth of checking code
     • Cost of checking

  15. Effectiveness against code patching
     • Verify how the applications respond to patching
       • Static code patching
       • Dynamic memory patching
     • Test variable:
       • Component size

  16. Discussion n = 2

  17. Discussion n = 4 Patching detected in at least n-1 places

  18. Disabling a check n = 4

  19. Stealth of checking code
     • Pattern matching attacks
     • Test variables
       • Primitive combination
       • Virtualization obfuscation
     • Three regular expressions:
       • Regex1: any if-statement
       • Regex2: if-statement with stack inspection
       • Regex3: response call statement

  20. Discussion Regex2 Regex3 Regex1

  21. Results
     [Bar chart: accuracy in matching checks (0 to 100) for Test Case1, Test Case2, Test Case3 and Test Case4]

  22. Cost of checking
     • Function invocations added → performance will be affected
     • Execution time
     • Memory allocation
     • Code size

  23. Execution time and memory allocation
     • Directly proportional to component size
     • No guarantee on degradation.
     • Depends on the nature of the program
     • Configuration
     [Two charts: Memory Allocation Impact (memory allocation in megabyte vs. component size) and Execution Time Impact (execution time in msec vs. component size), each with series Function 1, Function 2 and Function 3 at component sizes 0, 2, 4, 8, 16]

  24. CONCLUSION & FUTURE WORK

  25. Conclusion
     • Effectiveness of the approach
     • StIns4CS
     • Solving problems affects stealth
     • Stack inspection
     • Enhancing the stealth is possible
     • Primitive combination

  26. Future work
     • Stack inspection → other options to break cycles
     • Information from the code call graph
     • Primitive combination is conditioned
     • Generalizing this concept
     • Software-diversity techniques within the checks
     • Versions of the same test

  27. Thanks for your attention ibrahim@in.tum.de QUESTIONS!

  28. References
     [1] Chang, Hoi, and Mikhail J. Atallah. "Protecting Software Code by Guards." In Security and Privacy in Digital Rights Management, 160–175. Springer, 2002.
     [2] Horne, Bill, Lesley Matheson, Casey Sheehan, and Robert E. Tarjan. "Dynamic Self-checking Techniques for Improved Tamper Resistance." In Security and Privacy, 141–159. Springer, 2002.
     [3] Giffin, Jonathon T., Mihai Christodorescu, and Louis Kruger. "Strengthening Software Self-checksumming via Self-modifying Code." In Computer Security Applications Conference, 21st Annual, 10–pp, 2005.
     [4] Mavrogiannopoulos, Nikos, Nessim Kisserli, and Bart Preneel. "A Taxonomy of Self-modifying Code for obfuscation." Computers & Security 30, 2011.
     [5] David Aucsmith, "Tamper resistant software: an implementation", in information hiding, 199
     [6] P. Falcarin, C. Collberg, M. Atallah, and M. Jakubowski. Guest editors' introduction: Software protection. Software, IEEE, 28(2):24–27, 2011.
     [7] L. Martignoni, R. Paleari, and D. Bruschi. Conqueror: tamper-proof code execution on legacy systems. In Proceedings of the 7th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Lecture Notes in Computer Science. Springer, July 2010.

  29. References
     [8] J. Qiu, B. Yadegari, B. Johannesmeyer, S. Debray, X. Su, "Identifying and Understanding Self-Checksumming Defenses in Software", 2015.
     [9] A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, P. Khosla, "Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems", Proceedings of the twentieth ACM symposium on Operating systems principles, 2005.
     [10] G. Tan, Y. Chen, M.H. Jakubowski, "Delayed and controlled failures in tamper-resistant systems", 8th Information Hiding, Lecture Notes in Computer Science, LNCS, vol. 4437 (2006).
     [11] G. Wurster, P. C. van Oorschot, A. Somayaji, "A Generic Attack on Checksumming-Based Software Tamper Resistance", 2005 IEEE Symposium on Security and Privacy.
     [12] Collberg, Christian, "Surreptitious software obfuscation, watermarking, and tamperproofing for software protection", 2010.
     [13] S. Smith and S. Weingart. Building a high performance programmable secure coprocessor. Computer Networks, 1999.
     [14] Steve R. White and Liam Comerford. ABYSS: An architecture for software protection. IEEE Transactions on Software Engineering, 1990.
     [15] Bennett Yee and J. D. Tygar. Secure coprocessors in electronic commerce applications. 1995.
     [16] http://globalstudy.bsa.org/2011/downloads/study_pdf/2011_BSA_Piracy_Study-InBrief.pdf
     [17] http://research.microsoft.com/en-us/projects/pex/
     [18] http://roslyn.codeplex.com
     [19] https://dzone.com/articles/smart-continuous-delivery
