Software-based Integrity Protection Flashcards
What is the definition of a MATE attacker?
MATE refers to a class of the attackers whose access extends to the environment on which software is being executed, thus they can tamper with the program’s logic, interfere with their execution, extract and manipulate their sensitive data.
What are pre and post distribution elements of an integrity protection system?
pre distribution:
- compute invariants
post distribution
- monitor
- detect
- respond
- secure storage
how does software based integrity protection realize the elements of an integrity protection system?
- Protection operations need to be shipped into the desired program
- Such operations need to be obfuscated to resist against potential attacks
how does hardware based integrity protection realize the elements of an integrity protection system?
- A dedicated security hardware module undertakes protection operations
- operation integrity is guaranteed (hardened)
- dedicated security utilities such as cryptographic operations, secure data provisioning, remote attestation are provided
- users can implement own desired operations atop the hardware
What are pros and cons of software based integrity protection?
pros:
- applicable almost to any problem context
- no dependency to hardware
cons:
- hard to implement and deploy
- hard to quantify security
- secure until broken
What are pros and cons of hardware based integrity protection?
pros:
- easier to deploy
- offer an acceptable security
cons:
- hardware needed
- vendor lock-in
- side-channel attacks
- special equipment can bypass
Describe Chang and Atallah’s Self-Checksumming Scheme
Idea: Augment the program with functions that compute hashes over code regions to compare to expected values
Hardening 1: Construct a network of checkers and responders so that checkers check each other and responders repair tampered regions (or provide some kind of reaction)
Hardening 2: Hide hash numbers so they won’t give away the location of checkers, blend the response mechanism with the program logic
What are cyclic checkers and how are they set up?
- checkers check themselves in a cycle
- challenge: precomputing hash values in cycles
- solution: utilize place holder patching to close the cycle
Describe an attack on Chang and Atallah’s Self-Checksumming scheme + possible countermeasures
- Use pattern matching to detect checker
- Patch conditions
- Precompute jumps (hardening 2!)
Countermeasures: obfuscation, cyclic checking
Describe the “generic attack against self-hashing algorithms”
- Copy program P to P_orig
- Modify P as desired to a hacked version P’
- Modify the kernel such that data reads are directed to P_orig, instruction reads to P’ (Split TLB attack: I-TLB, D-TLB)
Describe a countermeasure against the “generic attack against self-hashing algorithms”
Self-modifying code: If the fetch and read memories are disjoint, the unmodified code will be executed! -> “Self modification guards”
Describe another generic attack on self-checksumming protections
Guards follow a predictable routine:
- instantiate hash variable
- self read and modify hash variable
- branch condition on hash value
Use a combination of backward and forward taint analysis to detect SC guards:
- backward taint: code read/written by instruction? locate source
- forward taint: locate usages in instruction operands
What are pros and cons of self-checksumming techniques?
pros:
- potentially 100% coverage
cons:
- architecture dependent
- memory split attack
- taint-based attack
- pattern matching attacks
What is the idea behind State inspection?
Check the integrity of computation instead of code (-> self-checksumming)
What are some parts of program state that have been used for state inspection?
- function return values
- stack trace
- hardware performance counters
- execution trace hash