Execution Integrity with In-Place Encryption
Instruction set randomization (ISR) was initially proposed with the main goal
of countering code-injection attacks. However, ISR seems to have lost its
appeal since code-injection attacks became less attractive because protection
mechanisms such as data execution prevention (DEP) as well as code-reuse
attacks became more prevalent.
In this paper, we show that ISR can be extended to also protect against
code-reuse attacks while at the same time offering security guarantees similar
to those of software diversity, control-flow integrity, and information hiding.
We present Scylla, a scheme that deploys a new technique for in-place code
encryption to hide the code layout of a randomized binary, and restricts the
control flow to a benign execution path. This allows us to i) implicitly
restrict control-flow targets to basic block entries without requiring the
extraction of a control-flow graph, ii) achieve execution integrity within
legitimate basic blocks, and iii) hide the underlying code layout under
malicious read access to the program. Our analysis demonstrates that Scylla is
capable of preventing state-of-the-art attacks such as just-in-time
return-oriented programming (JIT-ROP) and crash-resistant oriented programming
(CROP). We extensively evaluate our prototype implementation of Scylla and show
feasible performance overhead. We also provide details on how this overhead can
be significantly reduced with dedicated hardware support.
Pedagogy of Alternation and the role of the social educator (teachers and managers) in facing the challenges arising from the implementation of field education at the Federal Institute of Brasília – Campus Planaltina
The importance of the Pedagogy of Alternation for delivering a Rural Education that values the needs and prior knowledge of the rural student, without setting aside the scientific knowledge necessary for their development, is increasingly recognized. Thus, the present work derives from a study whose primary objective was to identify and problematize the role of the Pedagogy of Alternation, Rural Education and Professional Education in the execution of the Technical Course in Agriculture and Livestock under the Alternation Regime, which was developed exclusively for settlers of the Agrarian Reform in Regional Superintendence 28 in Brazil. This study analyzed the implementation and execution of the project from the perspective of the teacher's pedagogical practice, the students' experiences and management. This research is essentially qualitative in nature, carried out using semi-structured questionnaires applied to the teachers, managers and students linked to the course. After analyzing the results through data triangulation, we found that the use of the Pedagogy of Alternation is not unanimous among the teachers responsible for delivering it. Thus, although the Institute had planned an Integrative or Formative Pedagogy of Alternation, it ended up executing a Juxtapositive Pedagogy of Alternation, which does not meet, at least not fully, the aims of what was planned.
The importance of the Pedagogy of Alternation to a Rural Education that takes into consideration the needs and prior knowledge of its students, without disregarding the scientific knowledge necessary to their development, is widely known. Thus, this research emerges from a study whose main goal was to identify and analyse the roles of the Pedagogy of Alternation, Rural Education and Professional Education in the Agriculture Technical Course under the alternation regime, which was developed exclusively for settlers from the Land Reform in the Regional Superintendence of Education – 28. This study analyzed the implementation and execution of this project regarding the teachers' pedagogical practice and the students' and school administration's experiences. This is a qualitative study that used semi-structured questionnaires with teachers, school administrators and students from the course. After analyzing the results through data triangulation, we realized that the use of the Pedagogy of Alternation is not unanimous among teachers. So, even though the Institute had planned an integrating or formative Pedagogy of Alternation, it ended up executing a juxtaposed one, which does not meet, at least not fully, the needs of what had been planned. We therefore propose some suggestions to improve the implementation of the Pedagogy of Alternation in the course examined in this research, considering the social education and community intervention perspective.
Code-Reuse Attacks and Defenses
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almost three decades, and no end seems to be in sight. In particular, code-reuse techniques such as return-oriented programming offer a robust attack technique that is extensively used to exploit memory corruption vulnerabilities in modern software programs (e.g. web browsers or document viewers). Whereas conventional control-flow attacks (runtime exploits) require the injection of malicious code, code-reuse attacks leverage code that is already present in the address space of an application to undermine the security model of data execution prevention (DEP). In addition, code-reuse attacks in conjunction with memory disclosure attack techniques circumvent the widely applied memory protection model of address space layout randomization (ASLR). To counter this ingenious attack strategy, several proposals for enforcement of control-flow integrity (CFI) and fine-grained code randomization have emerged.
In this dissertation, we explore the limitations of existing defenses against code-reuse attacks. In particular, we demonstrate that various coarse-grained CFI solutions can be effectively undermined, even under weak adversarial assumptions. Moreover, we explore a new return-oriented programming attack technique that is solely based on indirect jump and call instructions to evade detection by defenses that perform integrity checks for return addresses.
To tackle the limitations of existing defenses, this dissertation introduces the design and implementation of several new countermeasures. First, we present a generic and fine-grained CFI framework for mobile devices targeting ARM-based platforms. This framework preserves static code signatures by instrumenting mobile applications on-the-fly in memory. Second, we tackle the performance and security limitations of existing CFI defenses by introducing hardware-assisted CFI for embedded devices. To this end, we present a CFI-based hardware implementation for Intel Siskiyou Peak using dedicated CFI machine instructions. Lastly, we explore fine-grained code randomization techniques
LO-FAT: Low-Overhead Control Flow ATtestation in Hardware
Attacks targeting software on embedded systems are becoming increasingly
prevalent. Remote attestation is a mechanism that allows establishing trust in
embedded devices. However, existing attestation schemes are either static and
cannot detect control-flow attacks, or require instrumentation of software
incurring high performance overheads. To overcome these limitations, we present
LO-FAT, the first practical hardware-based approach to control-flow
attestation. By leveraging existing processor hardware features and
commonly-used IP blocks, our approach enables efficient control-flow
attestation without requiring software instrumentation. We show that our
proof-of-concept implementation based on a RISC-V SoC incurs no processor
stalls and requires reasonable area overhead.
Comment: Authors' pre-print version to appear in DAC 2017 proceedings
C-FLAT: Control-FLow ATtestation for Embedded Systems Software
Remote attestation is a crucial security service particularly relevant to
increasingly popular IoT (and other embedded) devices. It allows a trusted
party (verifier) to learn the state of a remote, and potentially
malware-infected, device (prover). Most existing approaches are static in
nature and only check whether benign software is initially loaded on the
prover. However, they are vulnerable to run-time attacks that hijack the
application's control or data flow, e.g., via return-oriented programming or
data-oriented exploits. As a concrete step towards more comprehensive run-time
remote attestation, we present the design and implementation of Control-FLow
ATtestation (C-FLAT) that enables remote attestation of an application's
control-flow path, without requiring the source code. We describe a full
prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone
hardware security extensions. We evaluate C-FLAT's performance using a
real-world embedded (cyber-physical) application, and demonstrate its efficacy
against control-flow hijacking attacks.
Comment: Extended version of article to appear in CCS '16 Proceedings of the 23rd ACM Conference on Computer and Communications Security
EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts
Recent attacks exploiting errors in smart contract code had devastating
consequences thereby questioning the benefits of this technology. It is
currently highly challenging to fix errors and deploy a patched contract in
time. Instant patching is especially important since smart contracts are always
online due to the distributed nature of blockchain systems. They also manage
considerable amounts of assets, which are at risk and often beyond recovery
after an attack. Existing solutions to upgrade smart contracts depend on manual
and error-prone processes. This paper presents a framework, called EVMPatch, to
instantly and automatically patch faulty smart contracts. EVMPatch features a
bytecode rewriting engine for the popular Ethereum blockchain, and
transparently/automatically rewrites common off-the-shelf contracts to
upgradable contracts. The proof-of-concept implementation of EVMPatch
automatically hardens smart contracts that are vulnerable to integer
over/underflows and access control errors, but can be easily extended to cover
more bug classes. Our extensive evaluation on 14,000 real-world (vulnerable)
contracts demonstrate that our approach successfully blocks attack transactions
launched on these contracts, while keeping the intended functionality of the
contract intact. We perform a study with experienced software developers,
showing that EVMPatch is practical, and reduces the time for converting a given
Solidity smart contract to an upgradable contract by 97.6 %, while ensuring
functional equivalence to the original contract.
Comment: A slightly shorter version of this paper will be published at USENIX Security Symposium 202
Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks
Recently, a number of existing blockchain systems have witnessed major bugs
and vulnerabilities within smart contracts. Although the literature features a
number of proposals for securing smart contracts, these proposals mostly focus
on proving the correctness or absence of a certain type of vulnerability within
a contract, but cannot protect deployed (legacy) contracts from being
exploited. In this paper, we address this problem in the context of re-entrancy
exploits and propose a novel smart contract security technology, dubbed Sereum
(Secure Ethereum), which protects existing, deployed contracts against
re-entrancy attacks in a backwards compatible way based on run-time monitoring
and validation. Sereum does neither require any modification nor any semantic
knowledge of existing contracts. By means of implementation and evaluation
using the Ethereum blockchain, we show that Sereum covers the actual execution
flow of a smart contract to accurately detect and prevent attacks with a false
positive rate as small as 0.06% and with negligible run-time overhead. As a
by-product, we develop three advanced re-entrancy attacks to demonstrate the
limitations of existing offline vulnerability analysis tools.