• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 3
  • Tagged with
  • 3
  • 3
  • 3
  • 2
  • 2
  • 2
  • 2
  • 2
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Development of a prototype taint tracing tool for security and other purposes

Kargén, Ulf January 2012 (has links)
In recent years there has been an increasing interest in dynamic taint tracing of compiled software as a powerful analysis method for security and other purposes. Most existing approaches are highly application specific and tends to sacrifice precision in favor of performance. In this thesis project a generic taint tracing tool has been developed that can deliver high precision taint information. By allowing an arbitrary number of taint labels to be stored for every tainted byte, accurate taint propagation can be achieved for values that are derived from multiple input bytes. The tool has been developed for x86 Linux systems using the dynamic binary instrumentation framework Valgrind. The basic theory of taint tracing and multi-label taint propagation is discussed, as well as the main concepts of implementing a taint tracing tool using dynamic binary instrumentation. The impact of multi-label taint propagation on performance and precision is evaluated. While multi-label taint propagation has a considerable impact on performance, experiments carried out using the tool show that large amounts of taint information is lost with approximate methods using only one label per tainted byte.
2

Dasty : Revealing Real-World Prototype Pollution Consequences with Dynamic Taint Analysis / Dasty : Exponera Verkliga Konsekvenser av Prototype Pollution med Hjälp av Dynamic Taint Analysis

Moosbrugger, Paul January 2023 (has links)
Prototype pollution is a vulnerability in JavaScript and other prototype-based languages that allows malicious actors to inject a property into an object’s prototype. The injected property can subsequently trigger gadgets - source code sections that use the properties in sensitive locations. Gadgets can lead to various exploits, including denial-of-service, data exfiltration, and arbitrary code execution (ACE). Current research focuses primarily on the detection of pollution, while only a few discuss gadget detection. Those that do either propose detection solutions for browser-side applications or selected frameworks. This thesis aims to answer how prototype pollution affects modern server-side applications built on the Node.js framework. We propose a system that can automatically detect potential prototype pollution gadgets in Node.js applications. We utilize dynamic taint tracking to find flows from polluted prototypes to exploitable functions. Our system consists of multiple distinct runs. A first run analyzes a program without changing the control-flow to avoid premature termination through exceptions and program crashes. In subsequent runs, the system selectively changes conditionals to increase coverage. Based on our methodology, we implement Dasty, a performant dynamic taint analysis for prototype pollution gadgets built on NodeProf and the Truffle Instrumentation Framework. Dasty can automatically analyze third-party packages by utilizing their test suites. We use our implementation to analyze the 5000 most depended upon npm packages and verify the resulting flows systematically, focusing on ACE and similar high-profile vulnerabilities. Through the analysis, we identify 16 new gadgets in packages used by thousands of applications. Our results suggest that prototype pollution can lead to serious security issues in many modern applications. / Prototype pollution är en sårbarhet i JavaScript och andra prototypbaserade språk som tillåter skadliga aktörer att injicera en egenskap i ett objekts prototype. Den prototype som blivit komprometterad kan därefter utlösa gadgets - delar av kod som använder egenskaperna på känsliga positioner. Gadgets kan leda till olika exploiteringar, inklusive denial-of-service, dataexfiltrering och arbitrary code execution (ACE). Aktuell forskning fokuserar främst på detektion av prototype pollution, medan endast ett fåtal diskuterar detektion av gadgets. De som gör det föreslår antingen detekteringslösningar för applikationer på webbläsarnivå eller enskilda ramverk. Detta examensarbete syftar till att svara på hur prototype pollution påverkar moderna applikationer på serversidan byggda med ramverket Node.js. Vi föreslår ett system som automatiskt kan upptäcka potentiella prototype pollution gadgets i Node.js-applikationer. Vi använder dynamic taint tracking för att hitta flöden från injicerade prototyper till exploateringsbara funktioner. Vårt system består av flera distinkta körningar. En första körning analyserar ett program utan att ändra kontrollflödet för att undvika för tidig terminering p.g.a. exceptions och programkrascher. I efterföljande körningar ändrar systemet selektivt villkoren för att öka täckningen. Baserat på vår metodik implementerar vi Dasty, en snabb dynamic taint analysis för prototype pollution gadgets byggda på NodeProf och Truffle Instrumentation Framework. Dasty kan automatiskt analysera tredjepartspaket genom att använda deras testramverk. Vi använder vår implementering för att analysera de 5000 mest npm-beroende paketen och verifiera de resulterande flödena systematiskt, med fokus på ACE och liknande högprofilerade sårbarheter. Genom analysen identifierar vi 16 nya gadgets i paket som används av tusentals applikationer. Våra resultat tyder på att prototype pollution kan leda till allvarliga säkerhetsproblem i många moderna applikationer.
3

Blockchain-based containment of computer worms

Elsayed, Mohamed Ahmed Seifeldin Mohamed 22 December 2020 (has links)
Information technology systems are essential for most businesses as they facilitate the handling and sharing of data and the execution of tasks. Due to connectivity to the internet and other internal networks, these systems are susceptible to cyberattacks. Computer worms are one of the most significant threats to computer systems because of their fast self-propagation to multiple systems and malicious payloads. Modern worms employ obfuscation techniques to avoid detection using patterns from previous attacks. Although the best defense is to eliminate (patch) the software vulnerabilities being exploited by computer worms, this requires a substantial amount of time to create, test, and deploy the patches. Worm containment techniques are used to reduce or stop the spread of worm infections to allow time for software patches to be developed and deployed. In this dissertation, a novel blockchain-based collaborative intrusion prevention system model is introduced. This model is designed to proactively contain zero-day and obfuscated computer worms. In this model, containment is achieved by creating and distributing signatures for the exploited vulnerabilities. Blockchain technology is employed to provide liveness, maintain an immutable record of vulnerability-based signatures to update peers, accomplish trust in confirming the occurrence of a malicious event and the corresponding signature, and allow a decentralized defensive environment. A consensus algorithm based on the Practical Byzantine Fault Tolerance (PBFT) algorithm is employed in the model. The TLA+ formal method is utilized to check the correctness, liveness, and safety properties of the model as well as to assert that it has no behavioral errors. A blockchain-based automatic worm containment system is implemented. A synthetic worm is created to exploit a network-deployed vulnerable program. This is used to evaluate the effectiveness of the containment system. It is shown that the system can contain the worm and has good performance. The system can contain 100 worm attacks a second by generating and distributing the corresponding vulnerability-based signatures. The system latency to contain these attacks is less than 10 ms. In addition, the system has low resource requirements with respect to memory, CPU, and network traffic. / Graduate

Page generated in 0.0701 seconds