Playing Inside the Black Box: Using Dynamic Instrumentation to Create Security Holes
نویسندگان
چکیده
Programs running on insecure or malicious hosts have often been cited as ripe targets for security attacks. The enabling technology for these attacks is the ability to easily analyze and control the running program. Dynamic instrumentation provides the necessary technology for this analysis and control. As embodied in the DynInst API library, dynamic instrumentation allows easy construction of tools that can: (1) inspect a running process, obtaining structural information about the program; (2) control the execution of the program, (3) cause new libraries to be dynamically loaded into the process’ address space; (4) splice new code sequences into the running program and remove them; and (5) replace individual call instructions or entire functions. With this technology, we have provided two demonstrations of its use: exposing vulnerabilities in a distributed scheduling system (Condor), and bypassing access to a license server by a word processor (Framemaker). The first demonstration shows the danger of remote execution of a job on a system of unknown pedigree, and the second demonstration shows the vulnerabilities of software license protection schemes. While these types of vulnerabilities have long been speculated, we show how, with the right tool (the DynInst API), they can be easily accomplished. Along with this discussion of vulnerabilities, we also discuss strategies for compensating for them.
منابع مشابه
Looking Inside the Black-Box: Capturing Data Provenance Using Dynamic Instrumentation
Knowing the provenance of a data item helps in ascertaining its trustworthiness. Various approaches have been proposed to track or infer data provenance. However, these approaches either treat an executing program as a black-box, limiting the fidelity of the captured provenance, or require developers to modify the program to make it provenance-aware. In this paper, we introduce DataTracker, a n...
متن کاملThe Architectural Review of Web Security in Static and Dynamic Analysis
Our objective in web security is to move black box to white box in enterprise practices. In this paper, we explain how our approaches achieve the goal in terms of static and dynamic analysis. To better explain the framework and roadmap of analysis work, we describe our approaches by using macro and micro views individually. Based on this foundation, we explore dynamic analysis in string validat...
متن کاملInside the Black Box: Organisational Buying Behaviour and Strategic Purchasing in Healthcare: A Response to Recent Commentary
متن کامل
A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks
By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...
متن کاملHybrid Analysis for JavaScript Security Assessment
With the proliferation of Web 2.0 technologies, functionality in web applications is increasingly moving from server-side to client-side code, primarily JavaScript. The dynamic and eventdriven nature of JavaScript code, which is often machine generated or obfuscated, combined with reliance on complex frameworks and asynchronous communication, makes it difficult to perform effective security aud...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Parallel Processing Letters
دوره 11 شماره
صفحات -
تاریخ انتشار 2001