Martín Ochoa, Sebastian Banescu, Cynthia Disenfeld, G. Barthe, Vijay Ganesh
{"title":"远程攻击的概率防御机制推理","authors":"Martín Ochoa, Sebastian Banescu, Cynthia Disenfeld, G. Barthe, Vijay Ganesh","doi":"10.1109/EuroSP.2017.30","DOIUrl":null,"url":null,"abstract":"Despite numerous countermeasures proposed by practitioners andresearchers, remote control-flow alteration of programs withmemory-safety vulnerabilities continues to be a realisticthreat. Guaranteeing that complex software is completely free of memory-safety vulnerabilities is extremely expensive. Probabilistic countermeasures that depend on random secret keys are interesting, because they are an inexpensive way to raise the bar for attackers who aim to exploit memory-safety vulnerabilities. Moreover, some countermeasures even support legacy systems. However, it is unclear how to quantify and compare the effectiveness of different probabilistic countermeasures or combinations of such countermeasures. In this paper we propose a methodology to rigorously derive security boundsfor probabilistic countermeasures. We argue that by representingsecurity notions in this setting as events in probabilistic games, similarly as done with cryptographic security definitions, concreteand asymptotic guarantees can be obtained against realisticattackers. These guarantees shed light on the effectiveness of singlecountermeasures and their composition and allow practitioners to moreprecisely gauge the risk of an attack.","PeriodicalId":233564,"journal":{"name":"2017 IEEE European Symposium on Security and Privacy (EuroS&P)","volume":"80 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-01-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Reasoning about Probabilistic Defense Mechanisms against Remote Attacks\",\"authors\":\"Martín Ochoa, Sebastian Banescu, Cynthia Disenfeld, G. Barthe, Vijay Ganesh\",\"doi\":\"10.1109/EuroSP.2017.30\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Despite numerous countermeasures proposed by practitioners andresearchers, remote control-flow alteration of programs withmemory-safety vulnerabilities continues to be a realisticthreat. Guaranteeing that complex software is completely free of memory-safety vulnerabilities is extremely expensive. Probabilistic countermeasures that depend on random secret keys are interesting, because they are an inexpensive way to raise the bar for attackers who aim to exploit memory-safety vulnerabilities. Moreover, some countermeasures even support legacy systems. However, it is unclear how to quantify and compare the effectiveness of different probabilistic countermeasures or combinations of such countermeasures. In this paper we propose a methodology to rigorously derive security boundsfor probabilistic countermeasures. We argue that by representingsecurity notions in this setting as events in probabilistic games, similarly as done with cryptographic security definitions, concreteand asymptotic guarantees can be obtained against realisticattackers. These guarantees shed light on the effectiveness of singlecountermeasures and their composition and allow practitioners to moreprecisely gauge the risk of an attack.\",\"PeriodicalId\":233564,\"journal\":{\"name\":\"2017 IEEE European Symposium on Security and Privacy (EuroS&P)\",\"volume\":\"80 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-01-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE European Symposium on Security and Privacy (EuroS&P)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EuroSP.2017.30\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE European Symposium on Security and Privacy (EuroS&P)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EuroSP.2017.30","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Reasoning about Probabilistic Defense Mechanisms against Remote Attacks
Despite numerous countermeasures proposed by practitioners andresearchers, remote control-flow alteration of programs withmemory-safety vulnerabilities continues to be a realisticthreat. Guaranteeing that complex software is completely free of memory-safety vulnerabilities is extremely expensive. Probabilistic countermeasures that depend on random secret keys are interesting, because they are an inexpensive way to raise the bar for attackers who aim to exploit memory-safety vulnerabilities. Moreover, some countermeasures even support legacy systems. However, it is unclear how to quantify and compare the effectiveness of different probabilistic countermeasures or combinations of such countermeasures. In this paper we propose a methodology to rigorously derive security boundsfor probabilistic countermeasures. We argue that by representingsecurity notions in this setting as events in probabilistic games, similarly as done with cryptographic security definitions, concreteand asymptotic guarantees can be obtained against realisticattackers. These guarantees shed light on the effectiveness of singlecountermeasures and their composition and allow practitioners to moreprecisely gauge the risk of an attack.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
