Analysis of Potential Code Vulnerabilities Involving Overlapping Instructions

  • Conference paper
  • Computer Safety, Reliability, and Security (SAFECOMP 2017)
  • Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 10489)

Abstract

This article proposes approaches supporting the analysis of code vulnerabilities that arise from overlapping machine instructions of variable length. To focus the search for potential malicious code, it is suggested to first apply disassembling techniques that restrict the potentially exploitable memory space. Subsequently, testing based on heuristic optimization may be applied in order to evaluate dynamically how practical the exploitation of a vulnerability is.
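As an added illustration of the overlapping-instruction problem the abstract refers to (example code written for this page, not the authors' tooling), the following Python decodes a small constructed x86 byte sequence from every offset and reports the instruction stream hidden inside the immediate of a `mov`, which is the kind of region a disassembly pass from a single start offset never shows; the opcode subset handled by `decode` and the sample bytes are assumptions.

```python
REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

def decode(code, off):
    """Decode one 32-bit x86 instruction at code[off] -> (length, text) or None.
    Assumed subset, no prefixes: nop, ret, mov r32,imm32, xor r32,r32 (ModRM
    register-direct form only); anything else counts as undecodable."""
    if off >= len(code):
        return None
    op = code[off]
    if op == 0x90:
        return 1, "nop"
    if op == 0xC3:
        return 1, "ret"
    if 0xB8 <= op <= 0xBF and off + 5 <= len(code):
        imm = int.from_bytes(code[off + 1:off + 5], "little")
        return 5, f"mov {REGS[op - 0xB8]}, 0x{imm:08x}"
    if op in (0x31, 0x33) and off + 2 <= len(code) and code[off + 1] >> 6 == 3:
        modrm = code[off + 1]
        reg, rm = (modrm >> 3) & 7, modrm & 7
        dst, src = (rm, reg) if op == 0x31 else (reg, rm)
        return 2, f"xor {REGS[dst]}, {REGS[src]}"
    return None

def linear_sweep(code, start=0):
    """Disassemble consecutively from `start` until the end or an undecodable
    byte. Returns [(offset, length, text), ...]."""
    out, off = [], start
    while off < len(code):
        ins = decode(code, off)
        if ins is None:
            break
        out.append((off, ins[0], ins[1]))
        off += ins[0]
    return out

def hidden_instructions(code):
    """Sweep from every byte offset and collect instructions that start strictly
    inside an instruction of the offset-0 sweep: an overlapping second stream."""
    boundaries = {o for o, _, _ in linear_sweep(code, 0)}
    hidden = {}
    for start in range(1, len(code)):
        for off, length, text in linear_sweep(code, start):
            if off not in boundaries:
                hidden[off] = (length, text)
    return sorted((o, l, t) for o, (l, t) in hidden.items())

# Constructed sample: the immediate of 'mov eax, imm32' is itself valid code
# (xor eax,eax; nop; ret), so offsets 1, 3 and 4 hide a second stream.
SAMPLE = bytes.fromhex("b831c090c390c3")
```

`hidden_instructions(SAMPLE)` returns the three instructions at offsets 1, 3 and 4 that lie inside the 5-byte `mov`, the region an analyst would then inspect or test further.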



Acknowledgment

The authors gratefully acknowledge that a major part of the work presented was supported by the German Federal Ministry for Economic Affairs and Energy (BMWi), project SMARTEST. The project is carried out in cooperation with the partner institutions University of Magdeburg, University of Applied Sciences of Magdeburg-Stendal and AREVA GmbH.

Author information

Correspondence to Francesca Saglietti.


Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Al Sardy, L., Tang, T., Spisländer, M., Saglietti, F. (2017). Analysis of Potential Code Vulnerabilities Involving Overlapping Instructions. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2017. Lecture Notes in Computer Science, vol. 10489. Springer, Cham. https://doi.org/10.1007/978-3-319-66284-8_10

  • DOI: https://doi.org/10.1007/978-3-319-66284-8_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-66283-1

  • Online ISBN: 978-3-319-66284-8
