12 research outputs found

    Detecting Exploit Primitives Automatically for Heap Vulnerabilities on Binary Programs

    Automated Exploit Generation (AEG) is a well-known difficult task, especially for heap vulnerabilities. Previous works first detected heap vulnerabilities and then searched for exploitable states by applying symbolic execution and fuzzing techniques to binary programs. However, it is not always easy to discover bugs using fuzzing or symbolic techniques, and the internal overflow of heap objects is not always solvable by them. In this paper, we present a solution, DEPA, to detect exploit primitives based on a primitive-crucial-behavior model for heap vulnerabilities. The core of DEPA contains two novel techniques: 1) primitive-crucial-behavior identification through pointer dependence analysis, and 2) an exploit primitive determination method which includes triggering both vulnerabilities and exploit primitives. We evaluate DEPA on eleven real-world CTF (capture the flag) programs with heap vulnerabilities, and DEPA can discover arbitrary write and arbitrary jump exploit primitives for ten of the programs, all except the program multi-heap. Results showed that primitive-crucial-behavior identification and exploit primitive determination are accurate and effective using our approach. In addition, DEPA is superior to the state-of-the-art tools in determining exploit primitives for the heap object internal overflow.

    Comment: 11 pages, 9 figures

    Cyber risk at the edge: Current and future trends on cyber risk analytics and artificial intelligence in the industrial internet of things and industry 4.0 supply chains

    Digital technologies have changed the way supply chain operations are structured. In this article, we conduct systematic syntheses of the literature on the impact of new technologies on supply chains and the related cyber risks. A taxonomic/cladistic approach is used to evaluate progress in the area of supply chain integration in the Industrial Internet of Things and Industry 4.0, with a specific focus on the mitigation of cyber risks. An analytical framework is presented, based on a critical assessment of issues related to new types of cyber risk and the integration of supply chains with new technologies. This paper identifies a dynamic and self-adapting supply chain system supported by Artificial Intelligence and Machine Learning (AI/ML) and real-time intelligence for predictive cyber risk analytics. The system is integrated into a cognition engine that enables predictive cyber risk analytics with real-time intelligence from IoT networks at the edge. This enhances capacities and assists in building a comprehensive understanding of the opportunities and threats that arise when edge computing nodes are deployed and when AI/ML technologies are migrated to the periphery of IoT networks.

    Binary Exploitation in Industrial Control Systems: Past, Present and Future

    Despite being a decades-old problem, binary exploitation still remains a serious issue in computer security. This is mainly due to the prevalence of memory corruption errors in programs written in notoriously unsafe yet indispensable programming languages like C and C++. For the past 30 years, the nip-and-tuck battle in memory between attackers and defenders has been getting more technical, versatile, and automated. With the bar for exploitation in common information technology (IT) systems raised by hardened mitigation techniques, and with doors into industrial control systems (ICS) unintentionally opened by the proliferation of the industrial internet of things (IIoT), we argue that we will see an increased number of cyber attacks leveraging binary exploitation on ICS in the near future. However, while this topic generates a very rich and abundant body of research in common IT systems, there is a lack of systematic study targeting it in ICS. The present work aims at filling this gap and serves as a comprehensive walkthrough of binary exploitation in ICS. Apart from providing an analysis of past cyber attacks leveraging binary exploitation on ICS and the ongoing attack surface transition, we give a review of the attack techniques and mitigation techniques on both general-purpose computers and embedded devices. At the end, we conclude this work by stressing the importance of network-based intrusion detection, considering the dominance of resource-constrained real-time embedded devices and low-end embedded devices in ICS, and the limited ability to deploy arbitrary defense mechanisms directly on these devices.

    Modern Digital Skills and Technologies in Education: Creating an Assessment Model for Teachers

    Teachers of 2021 need to have highly developed digital skills and be familiar with the modern technologies that can be used in the educational process. At the same time, it is important to have a model that helps evaluate these two areas. This paper presents the design, implementation and application of an electronic assessment model that is aimed at teachers and assesses their Digital Skills and their knowledge of the Modern Technologies of 2021 that are applicable to the educational process. The inspiration for creating this model came from the identified lack of assessment models that evaluate these two fields and are addressed to teachers. In order to create the model, it was first necessary to search for and record the Modern Technologies of 2021 that are applicable in education, and the Digital Skills that a teacher of 2021 must possess in order to use these technologies in the educational process. This was done because these were the two areas that the model would evaluate. Through this search and recording, two taxonomies were created, on which the creation of the model was based. The resulting model was tested on 26 students of the Inter-institutional Curriculum "Information and Communication Technologies in Education" who attended the course "Modern Digital Technologies and Internet", with the purpose of examining its functionality and usability. The students answered two different Self-Assessment Tests, one at the beginning of the semester, before attending the course, and one at its end.
    From the analysis and comparison of the results of the 2 Tests, an improvement was observed in the results of the 2nd test for most of the students, but not to such an extent that it enables us to draw conclusions as to whether there was a substantial improvement in the students' Digital Skills and their knowledge of Modern Technologies.

    Fuzz Driver Generation

    Poor software quality has led to tremendous costs and safety disasters; thus, software defects make the news with alarming regularity. Fuzzing is a bug detection technique. In particular, it is a software testing method in which a stream of random input is sent to an application to stress it and cause unexpected behaviour, resource leaks or crashes. When it comes to fuzzing software libraries, a fuzz driver plays an important role because it is the binder between the fuzzer and the target program. Traditionally, fuzzing was used on closed-source platforms, and it is also used to find vulnerabilities in kernels. However, recent developments show that fuzzing is now applied to open-source libraries. This research study analyses the role of a fuzz driver in the domain of fuzzing to recognise its importance, applications, techniques, challenges and future directions. It intends to explore the state-of-the-art fuzz driver development strategies and identify trends in research and areas of potential improvement. We identified that fuzz driver generation is mainly seen as a minor activity in fuzzing research. It was evident that developing a fuzz driver is laborious and time-consuming in nature, but multiple innovative methodologies have been adopted in recent years to ease this task. There are three main techniques to develop a fuzz driver: software developers manually writing a fuzz driver, semi-automatic generation of a fuzz driver through human-in-the-loop approaches, and fully automatic generation of a fuzz driver. This research study evaluates these techniques through case studies and empirical analysis to identify the best state-of-the-art fuzz driver generation strategy available to researchers and software testers. Our results show that manually developed fuzz drivers still outperform the other methodologies in terms of performance, but also show how the other methodologies could surpass their performance levels.
    Furthermore, this study analyses the effect of varying complexity levels of target functions on the performance of fuzzing campaigns initiated through multiple fuzz driver generation techniques.

    Thesis (MPhil) -- University of Adelaide, School of Computer Science, 202

    Hardware-Assisted Processor Tracing for Automated Bug Finding and Exploit Prevention

    The proliferation of binary-only program analysis techniques like fuzz testing and symbolic analysis has led to an acceleration in the number of publicly disclosed vulnerabilities. Unfortunately, while bug finding has benefited from recent advances in automation and a decreasing barrier to entry, bug remediation has received less attention. Consequently, analysts are publicly disclosing bugs faster than developers and system administrators can mitigate them. Hardware-supported processor tracing within commodity processors opens new doors to observing low-level behaviors with an efficiency, transparency, and integrity that can close this automation gap. Unfortunately, several trade-offs in its design raise serious technical challenges that have limited widespread adoption. Specifically, modern processor traces only capture control flow behavior, yield high volumes of data that incur overhead to sift through, and generally introduce a semantic gap between low-level behavior and security-relevant events. To solve the above challenges, I propose control-oriented record and replay, which combines concrete traces with symbolic analysis to uncover vulnerabilities and exploits. To demonstrate the efficacy and versatility of my approach, I first present a system called ARCUS, which is capable of analyzing processor traces flagged by host-based monitors to detect, localize, and provide preliminary patches to developers for memory corruption vulnerabilities. ARCUS has detected 27 previously known vulnerabilities alongside 4 novel cases, leading to the issuance of several advisories and official developer patches. Next, I present MARSARA, a system that protects the integrity of execution unit partitioning in data provenance-based forensic analysis. MARSARA prevents several expertly crafted exploits from corrupting partitioned provenance graphs while incurring little overhead compared to prior work.
    Finally, I present Bunkerbuster, which extends the ideas from ARCUS and MARSARA into a system capable of proactively hunting for bugs across multiple end-hosts simultaneously, resulting in the discovery and patching of 4 more novel bugs.

    Ph.D.

    Electronic Evidence and Electronic Signatures

    In this updated edition of the well-established practitioner text, Stephen Mason and Daniel Seng have brought together a team of experts in the field to provide an exhaustive treatment of electronic evidence and electronic signatures. This fifth edition continues to follow the tradition of English evidence textbooks by basing the text on the law of England and Wales, with appropriate citations of relevant case law and legislation from other jurisdictions. Stephen Mason (of the Middle Temple, Barrister) is a leading authority on electronic evidence and electronic signatures, having advised global corporations and governments on these topics. He is also the editor of International Electronic Evidence (British Institute of International and Comparative Law 2008), and he founded the innovative international open access journal Digital Evidence and Electronic Signatures Law Review in 2004. Daniel Seng (Associate Professor, National University of Singapore) is the Director of the Centre for Technology, Robotics, AI and the Law (TRAIL). He teaches and researches information technology law and evidence law. Daniel was previously a partner and head of the technology practice at Messrs Rajah & Tann. He is also an active consultant to the World Intellectual Property Organization, where he has researched, delivered papers and published monographs on copyright exceptions for academic institutions, music copyright in the Asia Pacific and the liability of Internet intermediaries.