Constant gardener

Constant Gardener - PowerPoint PPT Presentation





PowerPoint Slideshow about ' Constant Gardener' - moshe


Presentation Transcript

Constant Gardener

Technical Design

Sam Lightbody


Overview

  • Server-focused security tool

  • The client's primary goal is to prevent privilege escalation attacks.

  • We’ll achieve this using the DynamoRIO API to modify processes as they run.

  • Designed for system administrators.


Design Pattern

  • Event Driven Architecture

  • Necessitated by DynamoRIO

  • Once initialized, Constant Gardener waits for external events



Data Structures

  • Object dump results

    • Holds line-by-line objdump results for target binary

    • Records previous and next lines, memory address of line, opcode, and operands

  • Control Flow Graph

    • Holds constructed control-flow graph.

    • Records start and end of basic block, parent block, and child block(s).





Roadmap

  • The CFG and Interception aspects of Constant Gardener must be built sequentially

  • Memory protection will be worked on throughout the course of the project when time allows


Milestone 1 – 30%

  • Successful construction of Control Flow Graph

  • Thorough testing on validity of CFG

  • Begin work on stack trace implementation


Milestone 2 – 70%

  • Implemented path-matching algorithm

    • Client uses algorithm to accurately compare a stack trace with the Control Flow Graph

  • Client allows or denies system calls based on above

  • Basic memory write checks in place
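
The Control Flow Graph structure from the Data Structures slide and the allow/deny decision from this milestone can be sketched as follows. This is an added example, not code from the presentation or from Constant Gardener: the names `basic_block` and `path_matches_cfg`, the index-based links, and the reading of "path matching" as "every observed address lies in a known block and each step follows a CFG edge" are assumptions, and no DynamoRIO calls are used.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define MAX_CHILDREN 2

/* CFG node with the fields the Data Structures slide lists. Blocks are
 * referenced by array index; -1 means "none" (assumed representation). */
typedef struct {
    uintptr_t start, end;          /* basic block covers [start, end) */
    int parent;
    int child[MAX_CHILDREN];
} basic_block;

/* Constructed sample CFG, made-up addresses: 0 -> {1, 2}, 1 -> {3}. */
static const basic_block sample_cfg[] = {
    {0x1000, 0x1010, -1, {1, 2}},
    {0x1010, 0x1020,  0, {3, -1}},
    {0x1020, 0x1030,  0, {-1, -1}},
    {0x1030, 0x1040,  1, {-1, -1}},
};
/* Constructed traces, oldest address first. */
static const uintptr_t trace_ok[]      = {0x1004, 0x1012, 0x1034};
static const uintptr_t trace_no_edge[] = {0x1004, 0x1024, 0x1034};
static const uintptr_t trace_unknown[] = {0x1004, 0x2000};

/* Index of the block containing addr, or -1 if no block covers it. */
static int find_block(const basic_block *cfg, size_t n, uintptr_t addr) {
    for (size_t i = 0; i < n; i++)
        if (addr >= cfg[i].start && addr < cfg[i].end) return (int)i;
    return -1;
}

/* True (allow) only if every address is inside a known block and each
 * step stays in its block or follows a parent -> child edge. */
bool path_matches_cfg(const basic_block *cfg, size_t n,
                      const uintptr_t *trace, size_t len) {
    int prev = len ? find_block(cfg, n, trace[0]) : -1;
    for (size_t i = 1; prev >= 0 && i < len; i++) {
        int cur = find_block(cfg, n, trace[i]);
        bool ok = (cur == prev);
        for (int k = 0; cur >= 0 && k < MAX_CHILDREN; k++)
            ok = ok || cfg[prev].child[k] == cur;
        prev = ok ? cur : -1;      /* -1 ends the walk as a deny */
    }
    return prev >= 0;
}

int main(void) { return path_matches_cfg(sample_cfg, 4, trace_ok, 3) ? 0 : 1; }
```

An empty trace and an address outside every block both result in a deny, so missing evidence never allows a system call.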


Milestone 3 – 80%

  • Performance impact analysis of path-matching and escalation denial

  • Optimization of path-matching and denials

  • Optimization and analysis of memory checks


Milestone 4 – 90%

  • Final performance impact analysis on memory checks

  • Add visual output to real-time identification process


Milestone 5 – 100%

  • Final cleanup and optimization of code base

  • Scenario testing

  • Basic logging capabilities implemented


