Toward Taming the Overhead Monster for Data-flow Integrity

Data-Flow Integrity (DFI) is a well-known approach to effectively detecting a wide range of software attacks. However, its real-world application has been quite limited so far because of the prohibitive performance overhead it incurs. Moreover, the overhead is enormously difficult to overcome without substantially lowering the DFI criterion. In this work, an analysis is performed to understand the main factors contributing to the overhead. Accordingly, a hardware-assisted parallel approach is proposed to tackle the overhead challenge. Simulations on SPEC CPU 2006 benchmark show that the proposed approach can completely enforce the DFI defined in the original seminal work while reducing performance overhead by 4×, on average.

Testing Platform Invoke as a Tool for Shellcode Injection in Windows Applications

This paper investigates software attacks based on shellcode injection in Windows applications. The attack uses platform invoke to inject binary code by means of system calls. This creates a separate threat that carries the payload. The paper overviews protections against shellcode injection and thus analyzes the injection methods as well. Analysis models the injection of malicious code in a Windows app process. As a result, the paper proposes a step-by-step injection method. Experimental injection of user code in PowerShell is performed to test the method. The paper further shows the assembly code of the system call as an example of finding their IDs in the global system call table; it also shows part of the source code for the injection of binary executable code. Various counterattacks are proposed in the form of software control modules based on architecture drivers. The paper analyzes the feasibility of using dynamic invoke, which the authors plan to do later on.

DEVELOPMENT OF METODOLOGYCAL APPARATUS FOR IMPLEMENTATION OF PROTECTIVE FUNCTIONS IN DOMESTIC MICROCONTROLLERS IN MOBILE DIGITAL PROTECTED COMMUNICATION

Целю исследований является повышение защищенности данных и программного кода Flash - памяти отечественных микроконтроллеров в телекоммуникационных системах (ТКС) цифровой подвижной защищенной связи от атаки программного обеспечения (несанкционированного доступе и копирование) за счет регулирования рисков успешности вышеуказанной атаки путем разработки методического аппарата защиты кода программ. В работе продемонстрирован программный метод с использованием bootloader - загрузки программы из внешней памяти. Проведен анализ спецификаций на отечественные и зарубежные микроконтроллеры. Полученные результаты работы могут послужит обеспечению безопасности отечественных микроконтроллеров и дальнейшему развитию способов противодействия угрозам. Разработанный методический аппарат защиты кода программ от несанкционированного доступа позволит вывести отечественное оборудование на должный уровень применения, что позволит провести политику импортозамещения в части защиты кода программ. The purpose of research is to increase the security of data and Flash program code - the memory of domestic microcontrollers in the digital mobile communication system from software attacks (unauthorized access and copying) due to the management of the risks of success of the above attack by developing a methodological device for protecting program code. The work demonstrates a software method using bootloader - loading a program from external memory. Analysis of specifications for domestic and foreign microcontrollers. The results of the work can serve to ensure the safety of domestic microcontrollers and the further development of ways to counter threats. The developed methodological apparatus for protecting program code from unauthorized access will bring domestic equipment to the proper level of application, which will allow for an import substitution policy regarding program code protection.

The Hidden Potential Within Video Game Consoles

<div><div><div><p>Video game consoles share many of the characteristics of an ideal device for use in enterprise deployments. In comparison to many desktop and notebook PCs available in the market, modern video game consoles are actually quite powerful and capable. They provide an excellent user experience with simple and intuitive setup and operation. At the heart of the design of many modern video game consoles is security; they are remarkably resilient against very sophisticated hardware and software attacks. They are also rather cost-effective in comparison to modern PCs.</p></div></div></div>

The Hidden Potential Within Video Game Consoles

<div><div><div><p>Video game consoles share many of the characteristics of an ideal device for use in enterprise deployments. In comparison to many desktop and notebook PCs available in the market, modern video game consoles are actually quite powerful and capable. They provide an excellent user experience with simple and intuitive setup and operation. At the heart of the design of many modern video game consoles is security; they are remarkably resilient against very sophisticated hardware and software attacks. They are also rather cost-effective in comparison to modern PCs.</p></div></div></div>

Video Game Consoles in the Enterprise

<div><div><div><p>Video game consoles share many of the characteristics of an ideal device for use in enterprise deployments. In comparison to many desktop and notebook PCs available in the market, modern video game consoles are actually quite powerful and capable. They provide an excellent user experience with simple and intuitive setup and operation. At the heart of the design of many modern video game consoles is security; they are remarkably resilient against very sophisticated hardware and software attacks. They are also rather cost-effective in comparison to modern PCs.</p></div></div></div>

Finding Software Bugs in Embedded Devices

The goal of this chapter is to introduce the reader to the domain of bug discovery in embedded systems which are at the core of the Internet of Things. Embedded software has a number of particularities which makes it slightly different to general purpose software. In particular, embedded devices are more exposed to software attacks but have lower defense levels and are often left unattended. At the same time, analyzing their security is more difficult because they are very “opaque”, while the execution of custom and embedded software is often entangled with the hardware and peripherals. These differences have an impact on our ability to find software bugs in such systems. This chapter discusses how software vulnerabilities can be identified, at different stages of the software life-cycle, for example during development, during integration of the different components, during testing, during the deployment of the device, or in the field by third parties.

Video Game Consoles in the Enterprise

<div><div><div><p>Video game consoles share many of the characteristics of an ideal device for use in enterprise deployments. In comparison to many desktop and notebook PCs available in the market, modern video game consoles are actually quite powerful and capable. They provide an excellent user experience with simple and intuitive setup and operation. At the heart of the design of many modern video game consoles is security; they are remarkably resilient against very sophisticated hardware and software attacks. They are also rather cost-effective in comparison to modern PCs.</p></div></div></div>