Constant Gardener - PowerPoint PPT Presentation



Constant Gardener. Technical Design Sam Lightbody. Overview. Server focused security tool The client's primary goal is to prevent privilege escalation attacks. We’ll achieve this using the DynamoRIO API to modify processes as they run. Designed for system administrators. Design Pattern.


PowerPoint Slideshow about 'Constant Gardener' - moshe


Presentation Transcript
Constant Gardener

Technical Design

Sam Lightbody

Overview
  • Server focused security tool
  • The client's primary goal is to prevent privilege escalation attacks.
  • We’ll achieve this using the DynamoRIO API to modify processes as they run.
  • Designed for system administrators.
Design Pattern
  • Event Driven Architecture
  • Necessitated by DynamoRIO
  • Once initialized Constant Gardener waits for external events
Data Structures
  • Object dump results
    • Holds line by line objdump results for target binary
    • Records previous and next lines, memory address of line, opcode, and operands
  • Control Flow Graph
    • Holds constructed control-flow graph.
    • Records start and end of basic block, parent block, and child block(s).
Roadmap
  • The CFG and Interception aspects of Constant Gardener must be built sequentially
  • Memory protection will be worked on throughout the course of the project when time allows
Milestone 1 – 30%
  • Successful construction of Control Flow Graph
  • Thorough testing on validity of CFG
  • Begin work on stack trace implementation
Milestone 2 – 70%
  • Implemented path-matching algorithm
    • Client uses algorithm to accurately compare a stack trace with the Control Flow Graph
  • Client allows or denies system calls based on above
  • Basic memory write checks in place
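
The Data Structures slide and the path-matching check above, sketched as an added example (not Constant Gardener's own code). The function names, the constructed listing and the matching rule are assumptions: every return address in the trace must directly follow a direct call whose callee can reach the current address through CFG edges, and only direct branches are followed.

```python
import re

# Constructed sample in `objdump -d` layout: address, raw bytes, opcode, operands.
SAMPLE = """\
  401000:\t83 ff 00             \tcmp    $0x0,%edi
  401003:\t74 07                \tje     40100c <f+0xc>
  401005:\te8 16 00 00 00       \tcall   401020 <g>
  40100a:\teb 02                \tjmp    40100e <f+0xe>
  40100c:\t31 c0                \txor    %eax,%eax
  40100e:\tc3                   \tret
  401020:\t0f 05                \tsyscall
  401022:\tc3                   \tret
"""
LINE = re.compile(r"^\s*([0-9a-f]+):\t[0-9a-f ]+\t(\S+)\s*(?:([0-9a-f]+)\b)?")

def parse(text):  # (address, opcode, direct target or None); prev/next = list order
    return [(int(m[1], 16), m[2], m[3] and int(m[3], 16))
            for m in map(LINE.match, text.splitlines()) if m]

def build_cfg(insns):  # {block start: {"end": addr, "children": [block starts]}}
    nxt = {a[0]: b[0] for a, b in zip(insns, insns[1:])}
    ends = [i for i in insns if i[1][0] == "j" or i[1][:3] == "ret"]
    leaders = {insns[0][0]} | {x for a, _, t in ends for x in (t, nxt.get(a)) if x}
    cfg = {}
    for a, op, t in insns:
        if a in leaders:
            cur = cfg[a] = {"end": a, "children": []}
        cur["end"] = a
        if nxt.get(a) is None or nxt[a] in leaders:  # last instruction of the block
            fall = None if op[:3] in ("jmp", "ret") else nxt.get(a)
            cur["children"] = [k for k in (t if op[0] == "j" else None, fall) if k]
    return cfg

def reachable(cfg, entry, addr):  # is addr inside a block reachable from entry?
    todo, seen = [entry], set()
    while todo:
        b = todo.pop()
        if b in cfg and b not in seen:
            seen.add(b)
            todo += cfg[b]["children"]
    return any(b <= addr <= cfg[b]["end"] for b in seen)

def allow_syscall(insns, cfg, pc, trace):  # trace: return addresses, innermost first
    sites = {b[0]: a[2] for a, b in zip(insns, insns[1:]) if a[1][:4] == "call"}
    for ret in trace:  # frame must return to just after a call whose callee reaches pc
        if ret not in sites or not reachable(cfg, sites[ret], pc):
            return False
        pc = ret
    return True
```

Indirect calls have no recorded target here, so a frame that returns to one is denied rather than guessed at.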
Milestone 3 – 80%
  • Performance impact analysis of path-matching and escalation denial
  • Optimization of path-matching and denials
  • Optimization and analysis of memory checks
Milestone 4 – 90%
  • Final performance impact analysis on memory checks
  • Add visual output to real time identification process
Milestone 5 – 100%
  • Final clean up and optimization of code base
  • Scenario testing
  • Basic logging capabilities implemented