Ημερολόγιο Εκδηλώσεων
Προβολή ημερολογίου
Προβολή λίστας
iCal - Εκδηλώσεις μήνα
RSS - Εκδηλώσεις μήνα27
Ιουν
Κατηγορία:
Παρουσίαση Διπλωματικής Εργασίας
ΗΜΜΥ
Λ - Κτίριο Επιστημών/ΗΜΜΥ, Αίθουσα Συνεδριάσεων Σχολής ΗΜΜΥ
27/06/2016 11:00 - 12:00Περιγραφή:
ΠΟΛΥΤΕΧΝΕΙΟ ΚΡΗΤΗΣ Σχολή Ηλεκτρονικών Μηχανικών και Μηχανικών Υπολογιστών ΠΑΡΟΥΣΙΑΣΗ ΔΙΠΛΩΜΑΤΙΚΗΣ ΕΡΓΑΣΙΑΣ Εξεταζόμενος φοιτητής: Βάιος Ταξιάρχης Θέμα Διπλωματικής Εργασίας: “Επέκταση του επεξεργαστή LEON για την αποδοτική υποστήριξη σε υλικό της Παρακολούθησης Δυναμικής Ροής Πληροφοριών” “Efficient hardware support for Dynamic Information Flow Tracking (DIFT) in the LEON processor” Τριμελής Εξεταστική Επιτροπή: Καθ. Διονύσιος Πνευματικάτος (επιβλέπων) Καθ. Απόστολος Δόλλας Επίκ. Καθ. Βασίλειος Σαμολαδάς Abstract: Computer security is of growing importance due to the increasing reliance of computer systems in most societies. Software vulnerabilities can be seen as flaws or weaknesses in the system that can be exploited by an attacker in order to alter the normal behavior of the system. As a consequence, vulnerabilities in the production of software make necessary to have tools that can help programmers to avoid or detect them in the development of the code. Existing defenses, such as canaries or web application firewalls, often suffer from compatibility issues or are easily evaded by a professional attacker. Security defenses should focus on safety, speed, flexibility, practicality and end-to-end coverage. Recent researches have shown that Dynamic Information Flow Tracking (DIFT) is a promising technique for detecting a wide range of security attacks. DIFT tracks the flow of untrusted information within a program’s runtime by extending memory and registers with tags. With hardware support, DIFT can provide comprehensive protection against input validation attacks with minimal performance overhead. Thus, in relation to our on-going research on vulnerability detection, this thesis presents the design and implementation of a hardware platform for DIFT, based on the synthesizable LEON processor. The specific platform is an extension of the LEON processor with additional instructions for data-flow integrity support. Specifically it can track “tag” information along data within the processor pipeline and through computations, if we install appropriate Linux-based operating system. The modified processor protects applications from low-level memory corruption exploits (such as buffer overflows or format string attacks) and can be extended so as to protect from high-level semantic vulnerabilities (such as SQL injections or cross-site scripting) in future work. The processor includes also support to trapping when unsafe data are used as pointers to prevent information leakage.
ΠΟΛΥΤΕΧΝΕΙΟ ΚΡΗΤΗΣ Σχολή Ηλεκτρονικών Μηχανικών και Μηχανικών Υπολογιστών ΠΑΡΟΥΣΙΑΣΗ ΔΙΠΛΩΜΑΤΙΚΗΣ ΕΡΓΑΣΙΑΣ Εξεταζόμενος φοιτητής: Βάιος Ταξιάρχης Θέμα Διπλωματικής Εργασίας: “Επέκταση του επεξεργαστή LEON για την αποδοτική υποστήριξη σε υλικό της Παρακολούθησης Δυναμικής Ροής Πληροφοριών” “Efficient hardware support for Dynamic Information Flow Tracking (DIFT) in the LEON processor” Τριμελής Εξεταστική Επιτροπή: Καθ. Διονύσιος Πνευματικάτος (επιβλέπων) Καθ. Απόστολος Δόλλας Επίκ. Καθ. Βασίλειος Σαμολαδάς Abstract: Computer security is of growing importance due to the increasing reliance of computer systems in most societies. Software vulnerabilities can be seen as flaws or weaknesses in the system that can be exploited by an attacker in order to alter the normal behavior of the system. As a consequence, vulnerabilities in the production of software make necessary to have tools that can help programmers to avoid or detect them in the development of the code. Existing defenses, such as canaries or web application firewalls, often suffer from compatibility issues or are easily evaded by a professional attacker. Security defenses should focus on safety, speed, flexibility, practicality and end-to-end coverage. Recent researches have shown that Dynamic Information Flow Tracking (DIFT) is a promising technique for detecting a wide range of security attacks. DIFT tracks the flow of untrusted information within a program’s runtime by extending memory and registers with tags. With hardware support, DIFT can provide comprehensive protection against input validation attacks with minimal performance overhead. Thus, in relation to our on-going research on vulnerability detection, this thesis presents the design and implementation of a hardware platform for DIFT, based on the synthesizable LEON processor. The specific platform is an extension of the LEON processor with additional instructions for data-flow integrity support. Specifically it can track “tag” information along data within the processor pipeline and through computations, if we install appropriate Linux-based operating system. The modified processor protects applications from low-level memory corruption exploits (such as buffer overflows or format string attacks) and can be extended so as to protect from high-level semantic vulnerabilities (such as SQL injections or cross-site scripting) in future work. The processor includes also support to trapping when unsafe data are used as pointers to prevent information leakage.
