Defense against software exploits

Abstract : In the beginning of the third millennium we are witnessing a new age. This new age is characterized by the shift from an industrial economy to an economy based on information technology. It is the Information Age. Today, we rely on software in practically every aspect of our life. Information technology is used by all economic actors: manufactures, governments, banks, universities, hospitals, retail stores, etc. A single software vulnerability can lead to devastating consequences and irreparable damage. The situation is worsened by the software becoming larger and more complex making the task of avoiding software flaws more and more difficult task. Automated tools finding those vulnerabilities rapidly before it is late, are becoming a basic need for software industry community. This thesis is investigating security vulnerabilities occurring in C language applications. We searched the sources of these vulnerabilities with a focus on C library functions calling. We dressed a list of property checks to detect code portions leading to security vulnerabilities. Those properties give for a library function call the conditions making this call a source of a security vulnerability. When these conditions are met the corresponding call must be reported as vulnerable. These checks were implemented in Carto-C tool and experimented on the Juliet test base and on real life application sources. We also investigated the detection of exploitable vulnerability at binary code level. We started by defining what an exploitable vulnerability behavioral patterns are. The focus was on the most exploited vulnerability classes such as stack buffer overflow, heap buffer overflow and use-after-free. After, a new method on how to search for this patterns by exploring application execution paths is proposed. During the exploration, necessary information is extracted and used to find the patterns of the searched vulnerabilities. This method was implemented in our tool Vyper and experimented successfully on Juliet test base and real life application binaries.level. We started by defining what an exploitable vulnerability behavioral patterns are. The focus was on the most exploited vulnerability classes such as stack buffer overflow, heap buffer overflow and use-after-free. After, a new method on how to search for this patterns exploring application execution paths is proposed. During the exploration, necessary information is extracted and used to find the patterns of the searched vulnerabilities. This method was implemented in our Vyper tool and experimented successfully on Juliet test base and real life application binaries
Document type :
Theses
Complete list of metadatas

Cited literature [128 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-01970951
Contributor : Abes Star <>
Submitted on : Sunday, January 6, 2019 - 2:54:07 PM
Last modification on : Wednesday, September 4, 2019 - 1:52:18 PM
Long-term archiving on : Sunday, April 7, 2019 - 12:21:08 PM

File

TH2018PESC1015.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01970951, version 1

Collections

Citation

El Habib Boudjema. Defense against software exploits. Mathematical Software [cs.MS]. Université Paris-Est, 2018. English. ⟨NNT : 2018PESC1015⟩. ⟨tel-01970951⟩

Share

Metrics

Record views

183

Files downloads

312