ورود به حساب

نام کاربری گذرواژه

گذرواژه را فراموش کردید؟ کلیک کنید

حساب کاربری ندارید؟ ساخت حساب

ساخت حساب کاربری

نام نام کاربری ایمیل شماره موبایل گذرواژه

برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید


09117307688
09117179751

در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید

دسترسی نامحدود

برای کاربرانی که ثبت نام کرده اند

ضمانت بازگشت وجه

درصورت عدم همخوانی توضیحات با کتاب

پشتیبانی

از ساعت 7 صبح تا 10 شب

دانلود کتاب The Continuing Arms Race: Code-Reuse Attacks and Defenses

دانلود کتاب ادامه مسابقه تسلیحاتی: حملات و دفاع با استفاده مجدد از کد

The Continuing Arms Race: Code-Reuse Attacks and Defenses

مشخصات کتاب

The Continuing Arms Race: Code-Reuse Attacks and Defenses

دسته بندی: امنیت
ویرایش: 1st. 
نویسندگان:   
سری: ACM Books # 18 
ISBN (شابک) : 9781970001815 
ناشر: Association for Computing Machinery and Morgan & Claypool Publishers 
سال نشر: 2018 
تعداد صفحات: 304 
زبان: English 
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود) 
حجم فایل: 11 مگابایت

قیمت کتاب (تومان) : 38,000



ثبت امتیاز به این کتاب

میانگین امتیاز به این کتاب :
       تعداد امتیاز دهندگان : 9


در صورت تبدیل فایل کتاب The Continuing Arms Race: Code-Reuse Attacks and Defenses به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.

توجه داشته باشید کتاب ادامه مسابقه تسلیحاتی: حملات و دفاع با استفاده مجدد از کد نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.


توضیحاتی درمورد کتاب به خارجی

Our societies are becoming increasingly dependent on emerging technologies and connected computer systems that are increasingly trusted to store, process, and transmit sensitive data. While generally beneficial, this shift also raises many security and privacy challenges. The growing complexity and connectivity offers adversaries a large attack surface. In particular, the connection to the Internet facilitates remote attacks without the need for physical access to the targeted computing platforms. Attackers exploit security vulnerabilities in modern software with the ultimate goal of taking control over the underlying computing platforms. There are various causes of these vulnerabilities, the foremost being that the majority of software (including operating systems) is written in unsafe programming languages (mainly C and C++) and by developers who are by-and-large not security experts. Memory errors are a prominent vulnerability class in modern software: they persist for decades and still are used as the entry point for today's state-of-theart attacks. The canonical example of a memory error is the stack-based buffer overflow vulnerability, where the adversary overflows a local buffer on the stack, and overwrites a function's return address. While modern defenses protect against this attack strategy, many other avenues for exploitation exist, including those that leverage heap, format string, or integer overflow vulnerabilities. Given a memory vulnerability in the program, the adversary typically provides a malicious input that exploits this vulnerability to trigger malicious program actions not intended by the benign program. This class of exploits aims to hijack the control flow of the program and differs from conventional malware, which encapsulates the malicious code inside a dedicated executable that needs to be executed on the target system and typically requires no exploitation of a program bug. As mentioned above, the continued success of these attacks is mainly attributed to the fact that large portions of software programs are implemented in type-unsafe languages (C, C++, or Objective-C) that do not guard against malicious program inputs using bounds checking, automatic memory management, etc. However, even type-safe languages like Java rely on virtual machines and complex runtimes that are in turn implemented in type-unsafe languages out of performance concerns. Unfortunately, as modern applications grow more complex, memory errors and vulnerabilities will likely continue to exist, with no end in sight. Regardless of the attacker's method of choice, exploiting a vulnerability and gaining control over an application's control flow is only the first step of an attack. The second step is to change the behavior of the compromised application to perform malicious actions. Traditionally, this has been realized by injecting malicious code into the application's address space, and later executing the injected code. However, with the widespread enforcement of data execution prevention (DEP), such attacks are more difficult to launch today. Unfortunately, the long-held assumption that only code injection posed a risk was shattered with the introduction of code-reuse attacks, such as return-into-libc and return-oriented programming (ROP). As the name implies, code-reuse attacks do not require any code injection and instead repurpose benign code already resident in memory. Code-reuse techniques are applicable to a wide range of computing platforms: x86-based platforms, embedded systems running on an Atmel AVR processor, mobile devices based on ARM, PowerPC-based Cisco routers, and voting machines deploying a z80 processor. Moreover, the powerfulROP technique is Turing-complete, i.e., it allows an attacker to execute arbitrary malicious code. In fact, the majority of state-of-the-art run-time exploits leverage code-reuse attack techniques, e.g., against Internet Explorer, Apple QuickTime, Adobe Reader, Microsoft Word, or the GnuTLS library. Even large-scale cyberattacks such as the popular Stuxnet worm, which damaged Iranian centrifuge rotors, incorporated code-reuse attack techniques. Indeed, even after more than three decades, memory corruption exploits remain a clear and present danger to the security of modern software and hardware platforms. This is why the research community both in academia and industry have invested major efforts in the recent past to mitigate the threat. Various defenses have been proposed and even deployed by Google, Microsoft, Intel, etc. The most prominent defenses are based on enforcement (e.g., Control-Flow Integrity [CFI]) or randomization (also known as software diversity) of certain program aspects. Both types of defenses have distinct advantages and disadvantages. Randomization makes it hard for attackers to chain together their attack gadgets, is efficient, and can be applied to complex software such as web browsers. It can have different levels of granularity, from a simple Address Space Layout Randomization (ASLR) to fine-grained randomization at function or even instruction level. However, randomization requires high entropy and all randomization schemes are inherently vulnerable to information leakage. CFI, on the other hand, provides guarantees that the application does not deviate from the intended program flow, yet it requires a security and efficiency tradeoff: i.e., coarse-grained CFI have been shown to be vulnerable, and fine-grained CFI can be inefficient without hardware support. Researchers have been working on improving these schemes with novel ideas in both software and hardware design. Many proposed defenses have been bypassed by other attacks, generating a large body of literature on this topic. It seems that the arms race between attackers and defenders continues. Although researchers have raised the bar for adversaries, there are still a number of challenges to tackle against sophisticated attacks. Despite all the recent proposals on various defenses, we cannot claim that the problem is entirely solved. However, our community has gained much insight through recent results on how and to what extent we need to employ certain design principles to significantly reduce the effect of code-reuse attacks. The main purpose of this book is to provide readers with some of the most influential works on run-time exploits and defenses. We hope that this material will inspire readers and generate new ideas and paradigms.



فهرست مطالب

Preface xi
Chapter 1 How Memory Safety Violations Enable Exploitation of Programs 1
Mathias Payer

1.1 Memory Safety 4
1.2 Data Integrity 8
1.3 Confidentiality 10
1.4 Data-Flow and Control-Flow Integrity 11
1.5 Policy Enforcement 15
1.6 An Adversary’s Toolkit 16
1.7 Conclusion 22

Chapter 2 Protecting Dynamic Code 25
Gang Tan, Ben Niu

2.1 Overview of Challenges and Solutions 26
2.2 Type-Based CFG Generation 28
2.3 Handling Dynamically Linked Libraries 39
2.4 Handling Just-In-Time Compiled Code 48
2.5 Related Work 58
2.6 Conclusion 60

Chapter 3 Diversity and Information Leaks 61
Stephen Crane, Andrei Homescu, Per Larsen, Hamed Okhravi,
Michael Franz

3.1 Software Diversity 62
3.2 Information Leakage 63
3.3 Mitigating Information Leakage 64
3.4 Address Oblivious Code Reuse 69
3.5 Countering Address-Oblivious Code Reuse 70
3.6 Evaluation of Code-Pointer Authentication 74
3.7 Conclusion 78

Chapter 4 Code-Pointer Integrity 81
Volodymyr Kuznetzov, L´aszl´o Szekeres, Mathias Payer,
George Candea, R. Sekar, Dawn Song

4.1 Introduction 81
4.2 Related Work 84
4.3 Threat Model 87
4.4 Design 87
4.5 The Formal Model of CPI 97
4.6 Implementation 102
4.7 Evaluation 109
4.8 Conclusion 116

Chapter 5 Evaluating Control-Flow Restricting Defenses 117
Enes G¨okta¸s, Elias Athanasopoulos, Herbert Bos,
Georgios Portokalidis

5.1 Introduction 117
5.2 Control-Flow Restricting Defenses 119
5.3 Security Analysis 122
5.4 Quantifying Gadget Availability in CFR 127
5.5 Proof-of-Concept Exploit against CFR 131
5.6 Summary 135

Chapter 6 Attacking Dynamic Code 139
Felix Schuster, Thorsten Holz

6.1 Goals and Attacker Model 140
6.2 Counterfeit Object-Oriented Programming 142
6.3 Loopless Counterfeit Object-Oriented Programming 157
6.4 A Framework for Counterfeit Object-Oriented Programming 160
6.5 Proof-of-Concept Exploits 162
6.6 Discussion 168
6.7 Security Assessment of Existing Defenses 173
6.8 Conclusion 179

Chapter 7 Hardware Control Flow Integrity 181
Yier Jin, Dean Sullivan, Orlando Arias, Ahmad-Reza Sadeghi,
Lucas Davi

7.1 Introduction 181
7.2 Threat Model and Assumptions 184
7.3 Requirements 185
7.4 Modeling CFI 186
7.5 Constructing a Precise Stateful CFI Policy 190
7.6 Hardware-Enhanced CFI: Design and Implementation 192
7.7 Security Evaluation 200
7.8 Performance Evaluation 205
7.9 Related Work 208
7.10 Conclusion 210

Chapter 8 Multi-Variant Execution Environments 211
Bart Coppens, Bjorn De Sutter, Stijn Volckaert

8.1 General Design of an MVEE 212
8.2 Implementation of GHUMVEE 217
8.3 Inconsistencies and False Positive Detections 220
8.4 Comprehensive Protection against Code-Reuse Attacks 233
8.5 Relaxed Monitoring 241
8.6 Evaluation 250
8.7 Conclusion 259

References 261

Contributor Biographies 283




نظرات کاربران

تمامی حقوق معنوی و مادی وبسایت متعلق به اینترنشنال لایبرری می باشد
نماد اعتماد الکترونیکی