Soumyadeep Ghosh will present his research seminar/general exam on Monday April 23 at 2PM in Room 402. The members of his committee are: David August (advisor), Andrew Appel, and Margaret Martonosi. Everyone is invited to attend his talk and those faculty wishing to remain for the oral exam following are welcome to do so. His abstract and reading list follow below.

--

Title: Region-based Type Enforcement for C

Abstract:

Attacks that violate memory safety to corrupt program state or gain control over the execution of vulnerable programs form a large class of security threats. In a type-unsafe language such as C, different vulnerabilities due to lack of type enforcement (e.g., buffer overflows, format string attacks, etc.) can lead to program crash, leakage of privileged information, and malicious code injection. These vulnerabilities stem from exploitation of facts that are undefined in the C standard. Existing bounds checking techniques cannot prevent attacks where bounds violations do not occur. Other techniques provide type enforcement, but they are either limited by incomplete code coverage or require non-trivial changes to the source code. In this work, we present a dynamic type enforcement system for C that prevents memory safety errors by detecting program behavior undefined by the C standard. We evaluate the performance and applicability of our type enforcement system on a number of real-world applications with reported vulnerabilities.

Reading List:

Textbooks:

[1] A. W. Appel. Modern Compiler Implementation in C. Cambridge University Press, 1998.

[2] J. L. Hennessy and D. A. Patterson. Computer Architecture: A Quantitative Approach, Fourth Edition. Morgan Kaufmann, 2006.

Papers:

[1] P. Akritidis, C. Cadar, C. Raiciu, M. Costa, and M. Castro. Preventing memory error exploits with WIT. In Proceedings of the 2008 IEEE Symposium on Security and Privacy, 2008.

[2] D. Avots, M. Dalton, V. B. Livshits, and M. S. Lam. Improving software security with a C pointer analysis. In Proceedings of the 27th International Conference on Software Engineering, 2005.

[3] S. Chen, J. Xu, N. Nakka, Z. Kalbarczyk, and R. K. Iyer. Defeating memory corruption attacks via pointer taintedness detection. In Proceedings of the 2005 International Conference on Dependable Systems and Networks, 2005.

[4] S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. K. Iyer. Non-control-data attacks are realistic threats. In Proceedings of the 14th conference on USENIX Security Symposium, 2005.

[5] D. Dhurjati, S. Kowshik, V. Adve, and C. Lattner. Memory safety without runtime checks or garbage collection. In Proceedings of the 2003 ACM SIGPLAN Conference on Language, Compiler, and Tool for Embedded Systems, 2003.

[6] M. Hind. Pointer analysis: Haven’t we solved this problem yet? In 2001 ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE’01), 2001.

[7] T. Jim, J. G. Morrisett, D. Grossman, M. W. Hicks, J. Cheney, and Y. Wang. Cyclone: A safe dialect of C. In Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference, 2002.

[8] S. Nagarakatte, J. Zhao, M. M. Martin, and S. Zdancewic. Softbound: highly compatible and complete spatial memory safety for C. In Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation, 2009.

[9] G. C. Necula, S. McPeak, and W. Weimer. CCured: type-safe retrofitting of legacy code. In Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, 2002.

[10] C. Schlesinger, K. Pattabiraman, N. Swamy, D. Walker, and B. Zorn. Yarra: An extension to C for data integrity and partial safety. In Proceedings of the Computer Security Foundations Forum (CSF), 2011.
Melissa M. Lawson