58,187 research outputs found
Achieving Obfuscation Through Self-Modifying Code: A Theoretical Model
With the extreme amount of data and software available on networks, the protection of online information is one of the most important tasks of this technological age. There is no such thing as safe computing, and it is inevitable that security breaches will occur. Thus, security professionals and practices focus on two areas: security, preventing a breach from occurring, and resiliency, minimizing the damages once a breach has occurred. One of the most important practices for adding resiliency to source code is through obfuscation, a method of re-writing the code to a form that is virtually unreadable. This makes the code incredibly hard to decipher by attackers, protecting intellectual property and reducing the amount of information gained by the malicious actor. Achieving obfuscation through the use of self-modifying code, code that mutates during runtime, is a complicated but impressive undertaking that creates an incredibly robust obfuscating system. While there is a great amount of research that is still ongoing, the preliminary results of this subject suggest that the application of self-modifying code to obfuscation may yield self-maintaining software capable of healing itself following an attack
Automatic Software Repair: a Bibliography
This article presents a survey on automatic software repair. Automatic
software repair consists of automatically finding a solution to software bugs
without human intervention. This article considers all kinds of repairs. First,
it discusses behavioral repair where test suites, contracts, models, and
crashing inputs are taken as oracle. Second, it discusses state repair, also
known as runtime repair or runtime recovery, with techniques such as checkpoint
and restart, reconfiguration, and invariant restoration. The uniqueness of this
article is that it spans the research communities that contribute to this body
of knowledge: software engineering, dependability, operating systems,
programming languages, and security. It provides a novel and structured
overview of the diversity of bug oracles and repair operators used in the
literature
FunTAL: Reasonably Mixing a Functional Language with Assembly
We present FunTAL, the first multi-language system to formalize safe
interoperability between a high-level functional language and low-level
assembly code while supporting compositional reasoning about the mix. A central
challenge in developing such a multi-language is bridging the gap between
assembly, which is staged into jumps to continuations, and high-level code,
where subterms return a result. We present a compositional stack-based typed
assembly language that supports components, comprised of one or more basic
blocks, that may be embedded in high-level contexts. We also present a logical
relation for FunTAL that supports reasoning about equivalence of high-level
components and their assembly replacements, mixed-language programs with
callbacks between languages, and assembly components comprised of different
numbers of basic blocks.Comment: 15 pages; implementation at https://dbp.io/artifacts/funtal/;
published in PLDI '17, Proceedings of the 38th ACM SIGPLAN Conference on
Programming Language Design and Implementation, June 18 - 23, 2017,
Barcelona, Spai
- …