Proceedings 2023 Network and Distributed System Security Symposium最新文献_第7页

No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions 没有语法，没有问题:在没有系统调用描述的情况下模糊Linux内核

Proceedings 2023 Network and Distributed System Security Symposium Pub Date : 1900-01-01 DOI: 10.14722/ndss.2023.24688

Alexander Bulekov, Bandan Das, Stefan Hajnoczi, Manuel Egele

{"title":"No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions","authors":"Alexander Bulekov, Bandan Das, Stefan Hajnoczi, Manuel Egele","doi":"10.14722/ndss.2023.24688","DOIUrl":"https://doi.org/10.14722/ndss.2023.24688","url":null,"abstract":"—The integrity of the entire computing ecosystem depends on the security of our operating systems (OSes). Unfortunately, due to the scale and complexity of OS code, hundreds of security issues are found in OSes, every year [32]. As such, operating systems have constantly been prime use-cases for applying security-analysis tools. In recent years, fuzz-testing has appeared as the dominant technique for automatically finding security issues in software. As such, fuzzing has been adapted to find thousands of bugs in kernels [14]. However, modern OS fuzzers, such as Syzkaller, rely on precise, extensive, manually-created harnesses and grammars for each interface fuzzed within the kernel. Due to this reliance on grammars, current OS fuzzers are faced with scaling-issues. In this paper, we present F UZZ NG, our generic approach to fuzzing system-calls on OSes. Unlike Syzkaller, F UZZ NG does not require intricate descriptions of system-call interfaces in order to function. Instead F UZZ NG leverages fundamental kernel design features in order to reshape and simplify the fuzzer’s input-space. As such F UZZ NG only requires a small config, for each new target: essentially a list of files and system-call numbers the fuzzer should explore.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127837631","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

OBSan: An Out-Of-Bound Sanitizer to Harden DNN Executables 一种用于强化DNN可执行文件的越界杀菌剂

Proceedings 2023 Network and Distributed System Security Symposium Pub Date : 1900-01-01 DOI: 10.14722/ndss.2023.24103

Yanzuo Chen, Yuanyuan Yuan, Shuai Wang

{"title":"OBSan: An Out-Of-Bound Sanitizer to Harden DNN Executables","authors":"Yanzuo Chen, Yuanyuan Yuan, Shuai Wang","doi":"10.14722/ndss.2023.24103","DOIUrl":"https://doi.org/10.14722/ndss.2023.24103","url":null,"abstract":"—The rapid adoption of deep neural network (DNN) models on a variety of hardware platforms has boosted the development of deep learning (DL) compilers. DL compilers take as input the high-level DNN model speciﬁcations and generate optimized DNN executables for diverse hardware architectures like CPUs and GPUs. Despite the emerging adoption of DL compilers in real-world scenarios, no solutions exist to protect DNN executables. To ﬁll this critical gap, this paper introduces OBS AN , a fast sanitizer designed to check for out-of-bound (OOB) behavior in DNN executables. Holistically, DNN incorporates bidirectional computation : forward propagation which predicts an output based on an input, and backward propagation which characterizes how the forward prediction is made. Both the neuron activations in forward propagation and gradients in backward propagation should fall within valid ranges, and deviations from these ranges would be considered as OOB. OOB is primarily related to unsafe behavior of DNNs, which root from anomalous inputs and may cause mispredictions or even exploitation via adversarial examples (AEs). We thus design OBS AN , which includes two variants, FOBS AN and BOBS AN , to detect OOB in forward and backward propagations, respectively. Each OBS AN variant is designed as extra passes of DL compilers to integrate with large-scale DNN models, and we design various optimization schemes to reduce the overhead of OBS AN . Evaluations over various anomalous inputs show that OBS AN manifests promising OOB detectability with low overhead. We further present two downstream applications to show how OBS AN prevents online AE generation and facilitates feedback-driven fuzz testing toward DNN executables.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125137447","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A Security Study about Electron Applications and a Programming Methodology to Tame DOM Functionalities 电子应用的安全性研究及驯服DOM功能的编程方法

Proceedings 2023 Network and Distributed System Security Symposium Pub Date : 1900-01-01 DOI: 10.14722/ndss.2023.24305

Zihao Jin, Shuo Chen, Yang Chen, Haixin Duan, Jianjun Chen, Jianping Wu

{"title":"A Security Study about Electron Applications and a Programming Methodology to Tame DOM Functionalities","authors":"Zihao Jin, Shuo Chen, Yang Chen, Haixin Duan, Jianjun Chen, Jianping Wu","doi":"10.14722/ndss.2023.24305","DOIUrl":"https://doi.org/10.14722/ndss.2023.24305","url":null,"abstract":"—The Electron platform represents a paradigm to develop modern desktop apps using HTML and JavaScript. Microsoft Teams, Visual Studio Code and other flagship products are examples of Electron apps. This new paradigm inherits the security challenges in web programming into the desktop-app realm, thus opens a new way for local-machine exploitation. We conducted a security study about real-world Electron apps, and discovered many vulnerabilities that are now confirmed by the app vendors. The conventional wisdom is to view these bugs as sanitization errors . Accordingly, secure programming requires programmers to explicitly enumerate all kinds of unexpected inputs to sanitize. We believe that secure programming should focus on specifying programmers’ intentions as opposed to their non-intentions. We introduce a concept called DOM-tree type , which expresses the set of DOM trees that an app expects to see during execution, so an exploit will be caught as a type violation. With insights into the HTML standard and the Chromium engine, we build the DOM-tree type mechanism into the Electron platform. The evaluations show that the methodology is practical, and it secures all vulnerable apps that we found in the study.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121136093","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission Sensors StealthyIMU:使用零权限传感器从智能手机语音助手窃取许可保护的私人信息

Proceedings 2023 Network and Distributed System Security Symposium Pub Date : 1900-01-01 DOI: 10.14722/ndss.2023.24077

Ke Sun, C. Xia, Songlin Xu, Xinyu Zhang

引用次数: 0