Proceedings of the 15th Workshop on Programming Languages and Analysis for Security最新文献

筛选

英文中文

Automatic Discovery and Synthesis of Checksum Algorithms from Binary Data Samples 从二进制数据样本中自动发现和合成校验和算法

Proceedings of the 15th Workshop on Programming Languages and Analysis for Security Pub Date : 2020-11-09 DOI: 10.1145/3411506.3417599

Lauren Labell, Jared Chandler, Kathleen Fisher

{"title":"Automatic Discovery and Synthesis of Checksum Algorithms from Binary Data Samples","authors":"Lauren Labell, Jared Chandler, Kathleen Fisher","doi":"10.1145/3411506.3417599","DOIUrl":"https://doi.org/10.1145/3411506.3417599","url":null,"abstract":"Reverse engineering unknown binary message formats is an important part of security research. Error detecting codes such as checksums and Cyclic Redundancy Check codes (CRCs) are commonly added to messages as a guard against corrupt or untrusted input. Before an analyst can manufacture input for software which uses checksums they must discover the algorithm to calculate a valid checksum. To address this need, we have developed a program synthesis based approach for detecting and reverse-engineering checksum algorithms automatically. Our approach takes a small set of binary messages as input and automatically returns a Python implementation of the checksum algorithm if one can be found. Our approach first performs a search over the message space to identify the location of the checksum and then uses program synthesis to identify the operations performed on the message to compute the checksum. We return to the user runnable code to both calculate a checksum from a message and to validate a message according to the checksum algorithm. We generate unit tests, allowing the user to validate the synthesized checksum algorithm is correct with regard to the input messages. We created the Tufts Checksum Corpus comprised of 12 checksum inference questions collected from posts on reverse engineering question and answer sites and 2 instances of common internet protocol checksums. Our approach successfully synthesized the underlying checksum algorithms for 12 out of 14 cases in our test suite.","PeriodicalId":110751,"journal":{"name":"Proceedings of the 15th Workshop on Programming Languages and Analysis for Security","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123887773","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Short Paper: Modular Black-box Runtime Verification of Security Protocols 短文:安全协议的模块化黑盒运行时验证

Proceedings of the 15th Workshop on Programming Languages and Analysis for Security Pub Date : 2020-10-01 DOI: 10.1145/3411506.3417596

Kevin Morio, Dennis Jackson, Marco Vassena, R. Künnemann

引用次数: 3

首页上一页