Proceedings of the 2013 New Security Paradigms Workshop 2013
DOI: 10.1145/2535813.2535824

Booby trapping software

Abstract: Cyber warfare is asymmetric in the current paradigm, with attackers having the high ground over defenders. This asymmetry stems from the situation that attackers have the initiative, while defenders concentrate on passive fortifications. Defenders are constantly patching the newest hole in their defenses and creating taller and thicker walls, without placing guards on those walls to watch for the enemy and react to attacks. Current passive cyber security defenses such as intrusion detection, anti-virus, and ha…

Citations: cited by 38 publications (19 citation statements)
References: 39 publications
“…Crane et al [20] propose that diversified binaries be "boobytrapped" with code that detects guessing attacks. A booby-trap is an instruction sequence beginning with an unconditional branch past its last instruction so the trap is skipped during normal execution; attempts to execute code at random addresses, however, will eventually trigger the trap.…”
Section: Implementation Disclosure (mentioning)
confidence: 99%
“…Section 5.3 elaborates on this step. Second, we insert booby trap entries [10] in the xvtables. We also insert booby traps into the PLT during linking.…”
Section: Overview (mentioning)
confidence: 99%
“…Researchers have shown that brute-force attacks can bypass diversity, especially in services that automatically restart without rerandomization after crashing [6,15,33,34]. We use software booby traps to counter this threat [10]. The idea is that booby traps lie dormant during normal program operation but are likely triggered by adversarial probing.…”
Section: Countering Guessing Attacks (mentioning)
confidence: 99%
“…Because they can use information leakage to locate gadgets in the binaries, just moving the gadgets around is not enough to stop these attacks. The diversifying compiler currently uses booby traps [9] to counter this type of exploit, but we believe that further diversity could also be used to counter this type of attack. BROP depends on the forking mechanism to produce an exact duplicate of the current process, so diversifying when forking would remove this required feature of the attack.…”
Section: Diversification (mentioning)
confidence: 99%