Formal framework and tools to derive efficient application-level detectors against memory corruption attacks
Yuan, Flore Q.
Loading…
Permalink
https://hdl.handle.net/2142/16469
Description
Title
Formal framework and tools to derive efficient application-level detectors against memory corruption attacks
Author(s)
Yuan, Flore Q.
Issue Date
2010-06-22T19:37:08Z
Director of Research (if dissertation) or Advisor (if thesis)
Iyer, Ravishankar K.
Department of Study
Electrical & Computer Eng
Discipline
Electrical & Computer Engr
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
M.S.
Degree Level
Thesis
Keyword(s)
Formal verification
memory corruption
application specific detectors
Abstract
Memory corruptions are a major part of security attacks observed nowadays. Many protection mechanisms have been proposed to fight against them. These techniques can be broadly classified into two categories: those that focus on preventing vulnerabilities from being exploited (canary value, libsafe) and those that focus on preventing important data (e.g. return address, critical variable) from being overwritten by attackers (IFS, taintedness tracking, WIT, random memory layout). As the range of vulnerabilities increases, we believe that protecting all vulnerabilities with specific techniques begins to be unrealistic. That is why we want to focus on the second category. This thesis proposes to use an existing formal tool, SymPLAID, to find the minimum set of critical memory locations one needs to protect. The analysis results are also used to derive selective detectors which are guaranteed to detect a given attack model. We demonstrate the methodology by deriving application specific detectors which are guaranteed to detect all attacks where the attacker's goal is to corrupt the application's end result by modifying one memory location. Very few, well placed detectors are needed to get a 100% coverage for the given attack model.
Use this login method if you
don't
have an
@illinois.edu
email address.
(Oops, I do have one)
IDEALS migrated to a new platform on June 23, 2022. If you created
your account prior to this date, you will have to reset your password
using the forgot-password link below.
