584 research outputs found
Unreliable VAT payer
This paper explores legal regulation and practical application of an institute of unreliable VAT payer in the Czech Republic. The paper presents the most important conclusions made by the author within his dissertation research. The first aim is to introduce the institute of unreliable VAT payer and a mechanism of its application to foreign readers in order to enable cross-border comparisons with similar tools used in other states. The second aim of the paper is to confirm or disprove a hypothesis that legal regulation of the institute of unreliable VAT payer does not suffer from any serious deficit which would make it impossible to use this tool properly. The author mainly applies analysis, synthesis and description method. The author came to a conclusion that unreliable VAT payer is a functional tool in practice, but it suffers from several fundamental constitutional deficits
JIGSAW: Protecting resource access by inferring programmer expectations
Processes retrieve a variety of resources, such as files, from the operating system to function. However, securely accessing resources has proven to be a challenging task, accounting for 10-15% of vulnerabilities reported each year. Current defenses address only a subset of these vulnerabilities in ad-hoc and incomplete ways. In this paper, we provide a comprehensive defense against vulnerabilities during resource access. First, we identify a fundamental reason that resource access vulnerabilities exist - a mismatch between programmer expectations and the actual environment the program runs in. To address such mismatches, we propose JIGSAW, a system that can automatically derive programmer expectations and enforce it on the deployment. JIGSAW constructs programmer expectations as a name flow graph, which represents the data flows from the inputs used to construct file pathnames to the retrieval of system resources using those pathnames. We find that whether a program makes any attempt to filter such flows implies expectations about the threats the programmer expects during resource retrieval, the enabling JIGSAW to enforce those expectations. We evaluated JIGSAW on widely-used programs and found that programmers have many implicit expectations. These mismatches led us to discover two previously-unknown vulnerabilities and a default misconfiguration in the Apache webserver. JIGSAW enforces program expectations for approximately 5% overhead for Apache webservers, thus eliminating vulnerabilities due to resource access efficiently and in a principled manner.HEXHIV
ACES: Automatic compartments for embedded systems
Securing the rapidly expanding Internet of Things (IoT) is critical. Many of these "things" are vulnerable bare-metal embedded systems where the application executes directly on hardware without an operating system. Unfortunately, the integrity of current systems may be compromised by a single vulnerability, as recently shown by Google's P0 team against Broadcom's WiFi SoC. We present ACES (Automatic Compartments for Embedded Systems)1, an LLVM-based compiler that automatically infers and enforces inter-component isolation on bare-metal systems, thus applying the principle of least privileges. ACES takes a developer-specified compartmentalization policy and then automatically creates an instrumented binary that isolates compartments at runtime, while handling the hardware limitations of baremetal embedded devices. We demonstrate ACES' ability to implement arbitrary compartmentalization policies by implementing three policies and comparing the compartment isolation, runtime overhead, and memory overhead. Our results show that ACES' compartments can have low runtime overheads (13% on our largest test application), while using 59% less Flash, and 84% less RAM than the Mbed μVisor-the current state-of-the-art compartmentalization technique for bare-metal systems. ACES' compartments protect the integrity of privileged data, provide control-flow integrity between compartments, and reduce exposure to ROP attacks by 94.3% compared to μVisor.HEXHIV
BLURtooth: Exploiting cross-transport key derivation in Bluetooth classic and Bluetooth low energy
Secure Compilation (Dagstuhl Seminar 21481)
Secure compilation is an emerging field that puts together advances in security, programming languages, compilers, verification, systems, and hardware architectures in order to devise more secure compilation chains that eliminate many of today’s security vulnerabilities and that allow sound reasoning about security properties in the source language. For a concrete example, all modern languages provide a notion of structured control flow and an invoked procedure is expected to return to the right place. However, today’s compilation chains (compilers, linkers, loaders, runtime systems, hardware) cannot efficiently enforce this abstraction against linked low-level code, which can call and return to arbitrary instructions or smash the stack, blatantly violating the high-level abstraction. Other problems arise because today’s languages fail to specify security policies, such as data confidentiality, and the compilation chains thus fail to enforce them, especially against powerful side-channel attacks. The emerging secure compilation community aims to address such problems by identifying precise security goals and attacker models, designing more secure languages, devising efficient enforcement and mitigation mechanisms, and developing effective verification techniques for secure compilation chains.
This seminar strived to take a broad and inclusive view of secure compilation and to provide a forum for discussion on the topic. The goal was to identify interesting research directions and open challenges by bringing together people working on building secure compilation chains, on designing security enforcement and attack-mitigation mechanisms in both software and hardware, and on developing formal verification techniques for secure compilation
Unreliable VAT payer
This paper explores legal regulation and practical application of an institute of unreliable VAT payer in the Czech Republic. The paper presents the most important conclusions made by the author within his dissertation research. The first aim is to introduce the institute of unreliable VAT payer and a mechanism of its application to foreign readers in order to enable cross-border comparisons with similar tools used in other states. The second aim of the paper is to confirm or disprove a hypothesis that legal regulation of the institute of unreliable VAT payer does not suffer from any serious deficit which would make it impossible to use this tool properly. The author mainly applies analysis, synthesis and description method. The author came to a conclusion that unreliable VAT payer is a functional tool in practice, but it suffers from several fundamental constitutional deficits.This paper explores legal regulation and practical application of an institute of unreliable VAT payer in the Czech Republic. The paper presents the most important conclusions made by the author within his dissertation research. The first aim is to introduce the institute of unreliable VAT payer and a mechanism of its application to foreign readers in order to enable cross-border comparisons with similar tools used in other states. The second aim of the paper is to confirm or disprove a hypothesis that legal regulation of the institute of unreliable VAT payer does not suffer from any serious deficit which would make it impossible to use this tool properly. The author mainly applies analysis, synthesis and description method. The author came to a conclusion that unreliable VAT payer is a functional tool in practice, but it suffers from several fundamental constitutional deficits
REV.NG: A unified binary analysis framework to recover CFGs and function boundaries
Static binary analysis is a key tool to assess the security of thirdparty binaries and legacy programs. Most forms of binary analysis rely on the availability of two key pieces of information: the program's control-flow graph and function boundaries. However, current tools struggle to provide accurate and precise results, in particular when dealing with hand-written assembly functions and non-trivial control-flow transfer instructions, such as tail calls. In addition, most of the existing solutions are ad-hoc, rely on handcoded heuristics, and are tied to a specific architecture. In this paper we highlight the challenges faced by an architecture agnostic static binary analysis framework to provide accurate information about a program's CFG and function boundaries without employing debugging information or symbols.We propose a set of analyses to address predicate instructions, noreturn functions, tail calls, and context-dependent CFG. REV.NG, our binary analysis framework based on QEMU and LLVM, handles all the 17 architectures supported by QEMU and produces a compilable LLVM IR. We implement our described analyses on top of LLVM IR. In an extensive evaluation, we test our tool on binaries compiled for MIPS, ARM, and x86-64 using GCC and clang and compare them to the industry's state of the art tool, IDA Pro, and two well-known academic tools, BAP/ByteWeight and angr. In all cases, the quality of the CFG and function boundaries produced by REV.NG is comparable to or improves over the alternatives
Idea: Benchmarking Android Data Leak Detection Tools
Virtual application stores for mobile platforms contain many malign and benign applications that exhibit security issues, such as the leaking of sensitive data. In recent years, researchers have proposed a myriad of techniques and tools to detect such issues automatically. However, it is unclear how these approaches perform compared to each other. The tools are often no longer available, thus comparing different approaches is almost infeasible
- …
