Understanding Side Channels in Software Security

Slide Note
Embed
Share

This content delves into the topic of side channels in software security, focusing on the leakage of sensitive information through timing side channels. It discusses the concept of covert channels, reference monitors, limitations of analysis, and prevention strategies to mitigate the risks associated with side-channel attacks.

zeppelin
zeppelin Follow

Uploaded on Aug 14, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. EXERCISE #15 SIDE CHANNEL REVIEW Write your name and answer the following on a piece of paper Provide an instance of a function with a sensitive argument v and leaks a bit of v via a timing side channel 1

  2. Paper review due Sunday at 11:59 PM ADMINISTRIVIA AND ANNOUNCEMENTS

  3. 3 CLASS PROGRESS SHOWING SOME APPLICATIONS OF STATIC DATAFLOW DESCRIBED A PARTICULAR TYPE OF EVASION AGAINST EXPLICIT DATAFLOW: SIDE CHANNELS BEGAN TO CONSIDER WHAT WE COULD DO ABOUT IT

  4. 4 LAST TIME: SIDE CHANNELS REVIEW: LAST LECTURE UNDETECTABLEVIA (TYPICAL) STATICDATAFLOW General side-channel: using a predictable phenomenon outside of the semantics of the program Covert channel: special instance of a side channel that is used intentionally by the program

  5. REFERENCE MONITORS EECS 677: Software Security Evaluation Drew Davidson

  6. 6 OVERVIEW PREVENTING BAD STUFF FROM HAPPENING IN A PROGRAM

  7. LECTURE OUTLINE Overview Details Instances

  8. 8 LIMITATIONS OF ANALYSIS REFERENCE MONITORS: OVERVIEW SOFAR, OURFOCUSHASBEENLARGELY ONDETECTINGUNDESIRABLEBEHAVIOR That s valuable! Ask developers to correct their own mistakes Empower users to forgo running bad software

  9. 9 LIMITATIONS OF ANALYSIS REFERENCE MONITORS: OVERVIEW DETECTIONMIGHTNOTBEENOUGH May be in a position where we can t run the analysis STATIC ANALYSIS False positives Scalability issues DYNAMIC ANALYSIS False negatives Run time issues

  10. 10 A HANDS-ON ALTERNATIVE REFERENCE MONITORS: OVERVIEW KEEPBADTHINGSFROMHAPPENINGDURING SYSTEMEXECUTION Requires some sort of specification for bad things Requires some sort of preventative capabilities

  11. 11 PREVENTATIVE CAPABILITIES REFERENCE MONITORS: OVERVIEW SIMPLEFORM Kill the program DATAFLOW FORM Sanitize the data

  12. 12 THE BIG IDEA REFERENCE MONITORS: OVERVIEW KEEPPROGRAMSONTHE STRAIGHTANDNARROW - Articulate a policy for allowed behavior - Keep a running record of security-relevant behavior - Prevent a violation of the policy

  13. 13 SAFETY POLICIES REFERENCE MONITORS: INSTANCES EXECUTIONOFAPROCESSASASEQUENCEOFSTATES Policy is a predicate on sequence prefix Policy depends only on the past of a particular execution once violated, never unviolates INCAPABLEOFHANDLINGLIVENESSPOLICIES If this server accepts a SYN, it will eventually send a response

  14. LECTURE OUTLINE Overview Details Instances

  15. 15 CONSIDER THE REACTIVE ADVERSARY REFERENCE MONITORS: OVERVIEW DEFINITION Reactive Adversary: An adversary with the capability to understand the defense mechanism and an opportunity to avoid it IFA DEFENSECANBEAVOIDEDIT HARDLYMATTERSWHATTHE ENFORCEMENTDOES Recall the history of the Maginot Line

  16. 16 SECURITY VS PRECISION REFERENCE MONITORS: OVERVIEW PROGRAM PROXIMITY Far Close Inline reference monitor External reference monitor

  17. 17 REFERENCE MONITOR DESIGN REFERENCE MONITORS: INSTANCES KERNELIZED WRAPPER INLINE

  18. 18 PROPERTIES WE CARE ABOUT REFERENCE MONITORS: INSTANCES MEMORY SAFETY e.g. Programs respect aggregate type sizes, process boundaries, code v data TYPE SAFETY e.g. Functions and intrinsic operations have arguments that adhere to the type system CONTROL FLOW SAFETY e.g. All control transfers are envisioned by the original program

  19. LECTURE OUTLINE Overview Details Instances

  20. 20 OS AS REFERENCE MONITOR REFERENCE MONITORS: INSTANCES COLLECTIONOFRUNNINGPROCESSESANDFILES Processes are associated with users Files have ACLs OS ENFORCESVARIOUSSAFETYPOLICIES - File access - Process space write Same policy for all processes of the same user

  21. 21 SOFTWARE FAULT ISOLATION (SFI) REFERENCE MONITORS: INSTANCES ISOLATEPROCESSFAULTSONSHAREDHARDWARE Each process is a logical fault domain Ensure all memory references and jump is within the process fault domain

  22. 22 INLINE REFERENCE MONITORS: SASI REFERENCE MONITORS: INSTANCES CORNELLPROJECTFORINLINEPOLICYENFORCEMENT Change the program to enforce any safety policy Express allowed behavior as an FSM Examples: - No division by zero - No network send after file read

  23. 23 SASI: COST REFERENCE MONITORS: INSTANCES ATTEMPTSTOMINIMIZETHENUMBEROFCHECKS Looking at every instruction is incredibly expensive Example: only need to check divide-by-zero before DIV instructions

  24. 24 CONTROL FLOW INTEGRITY: CFI REFERENCE MONITORS: INSTANCES ENSURETHEPROGRAMCONTROL FLOWISALLOWEDBYTHE CFG In a sense, the policy is the control-flow graph Why would we need to do this?

  25. WRAP-UP

Related


Enhancing Secondary Channel Usage in IEEE 802.11 Standards

Enhancing Secondary Channel Usage in IEEE 802.11 Standards

brantley
Understanding Side Channels and Information Hiding Techniques in Advanced Information Assurance

Understanding Side Channels and Information Hiding Techniques in Advanced Information Assurance

kean390
Side Channel Monitoring in Additive Manufacturing for Cybersecurity and Quality Assurance

Side Channel Monitoring in Additive Manufacturing for Cybersecurity and Quality Assurance

ckel
Understanding Triangle Congruence Properties

Understanding Triangle Congruence Properties

stetler_r
Factors Influencing Adoption of Security Tools in Software Development

Factors Influencing Adoption of Security Tools in Software Development

thackery
Understanding Ion Channels in Cell Communication

Understanding Ion Channels in Cell Communication

raer864
Enhancing Spectrum Efficiency with Low Complexity Erasure Codes in IEEE 802.11 Document

Enhancing Spectrum Efficiency with Low Complexity Erasure Codes in IEEE 802.11 Document

telo646
Multi Division in Networking: Access Methods & Duplexing Techniques

Multi Division in Networking: Access Methods & Duplexing Techniques

pacetti_d
Enhancing Wireless LAN Throughput with Multiple Primary Channels

Enhancing Wireless LAN Throughput with Multiple Primary Channels

gade
Understanding Covert Timing Channels in Network Security

Understanding Covert Timing Channels in Network Security

verm_den
Exploring Triangle Similarity and Congruence

Exploring Triangle Similarity and Congruence

rage_817
Understanding Software Processes and Models

Understanding Software Processes and Models

fatima
Understanding the Essence of Software Development Process

Understanding the Essence of Software Development Process

katiely
Understanding Channels of Distribution in Business

Understanding Channels of Distribution in Business

bvar
Understanding Information Flow in Software Security

Understanding Information Flow in Software Security

lolarose
IEEE 802.11-20/0479r0 240 MHz Channelization Options

IEEE 802.11-20/0479r0 240 MHz Channelization Options

egan
IEEE 802.11-19-1156/r0: 20MHz Channel Usage Options

IEEE 802.11-19-1156/r0: 20MHz Channel Usage Options

edesi
Proposal for Improved Channel Access Efficiency in IEEE 802.11 Networks

Proposal for Improved Channel Access Efficiency in IEEE 802.11 Networks

tallula
Understanding Software Measurement and Metrics in Software Engineering

Understanding Software Measurement and Metrics in Software Engineering

asmodeus
Understanding Security Testing and Architecture

Understanding Security Testing and Architecture

nataleaei
Understanding Triangle Congruence by SSS and SAS Postulates

Understanding Triangle Congruence by SSS and SAS Postulates

milone_a
Software Cost Estimation in Software Engineering

Software Cost Estimation in Software Engineering

aislinn
Insights from NATO Software Engineering Conferences and The Software Crisis of the Seventies

Insights from NATO Software Engineering Conferences and The Software Crisis of the Seventies

kush_51
Comprehensive DevOps Security Training Overview

Comprehensive DevOps Security Training Overview

jahv_808

More Related Content