19 research outputs found
MACH2: System for Root Cause Analysis of Kernel Vulnerabilities
Kernel code is ubiquitous in the modern technology landscape, and therefore, enforcing its security is of high importance. A common problem among modern kernel fuzzers is the discovery of vulnerabilities whose causes are difficult to pinpoint, meaning that they cannot easily be patched by developers. This leads to a large accumulation of bugs for kernel and kernel driver code. This issue can be remediated by being able to trace the root cause of a given exploit in the original source code. This study introduces MACH2, a system through which kernel vulnerabilities can have their root causes pinpointed such that they can be easily corrected by developers and/or automated systems. The MACH2 system consists of a 2-stage process: first, the system generates a trace of the exploit being run, and then, it uses this trace in tandem with a DSE engine to find the input regions of the code corresponding to the vulnerability at hand. MACH2 has already demonstrated its usability against CVEs and real-world exploits, and with upcoming additions, will be able to handle a wide array of vulnerability classes, allowing for a more secure kernel code landscape.
Undergraduat
C-FLAT: Control-FLow ATtestation for Embedded Systems Software
Remote attestation is a crucial security service particularly relevant to
increasingly popular IoT (and other embedded) devices. It allows a trusted
party (verifier) to learn the state of a remote, and potentially
malware-infected, device (prover). Most existing approaches are static in
nature and only check whether benign software is initially loaded on the
prover. However, they are vulnerable to run-time attacks that hijack the
application's control or data flow, e.g., via return-oriented programming or
data-oriented exploits. As a concrete step towards more comprehensive run-time
remote attestation, we present the design and implementation of Control-FLow
ATtestation (C-FLAT) that enables remote attestation of an application's
control-flow path, without requiring the source code. We describe a full
prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone
hardware security extensions. We evaluate C-FLAT's performance using a
real-world embedded (cyber-physical) application, and demonstrate its efficacy
against control-flow hijacking attacks.
Comment: Extended version of article to appear in CCS '16 Proceedings of the
23rd ACM Conference on Computer and Communications Securit
Honeypots applied to the IoT context: architecture proposals and targeted collection for MQTT gateways
Undergraduate thesis (Trabalho de Conclusão de Curso), Universidade de Brasília, Faculdade de Tecnologia, 2019.
It is predicted that in a few years there will be billions of devices, or things, connected to the
Internet. The formal definition of IoT is complex and the technology is still considered emerging.
However, even before it has consolidated, attacks are already targeting this kind of context. This
project began as an assessment of the feasibility of an IoT honeynet. After some time, it moved on
to explore the possibilities of using honeypots applied to MQTT gateways, MQTT being one of the
major IoT protocols. To this end, the project proposes some possible architectural models and
collection experiments to compare the Dionaea and Cowrie honeypots.