Modelling Metamorphism by Abstract Interpretation

Preda, Mila Dalla; Giacobazzi, Roberto; Debray, Saumya; Coogan, Kevin; Townsend, Gregg M.

doi:10.1007/978-3-642-15769-1_14

Cited by 8 publications

(1 citation statement)

References 19 publications

(21 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the context of adaptive systems this approach is impractical, since the presence of many different objects, which may interact in complex and even unpredictable ways, makes the system difficult to describe and the analysis a daunting task: considering all possible interactions and behaviours, including those which will never happen in the deployed system, could easily produce a combinatorial explosion. A key point to tackle these problems is to define suitable abstract semantics able to capture the structure of programs that change at run-time, taking inspiration from the techniques used for modelling self-modifying/metamorphic malware in [14].…”

Section: Abstract Interpretationmentioning

confidence: 99%

Developing correct, distributed, adaptive software

Preda

Gabbrielli

Giallorenzo

et al. 2015

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

Section: Abstract Interpretationmentioning

confidence: 99%

Developing correct, distributed, adaptive software

Preda

Gabbrielli

Giallorenzo

et al. 2015

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

Abstract Interpretation of Indexed Grammars

Campion

Preda

Giacobazzi

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Adversarial Reachability for Program-level Security Analysis

Ducousso

Bardin

Potet

2023

Programming Languages and Systems

View full text Add to dashboard Cite

Many program analysis tools and techniques have been developed to assess program vulnerability. Yet, they are based on the standard concept of reachability and represent an attacker able to craft smart legitimate input, while in practice attackers can be much more powerful, using for instance micro-architectural exploits or fault injection methods. We introduce adversarial reachability, a framework allowing to reason about such advanced attackers and check whether a system is vulnerable or immune to a particular attacker. As equipping the attacker with new capacities significantly increases the state space of the program under analysis, we present a new symbolic exploration algorithm, namely adversarial symbolic execution, injecting faults in a forkless manner to prevent path explosion, together with optimizations dedicated to reduce the number of injections to consider while keeping the same attacker power. Experiments on representative benchmarks from fault injection show that our method significantly reduces the number of adversarial paths to explore, allowing to scale up to 10 faults where prior work timeout for 3 faults. In addition, we analyze the well-tested WooKey bootloader, and demonstrate the ability of our analysis to find attacks and evaluate countermeasures in real-life security scenarios. We were especially able to find an attack not mentioned in a previous patch.

show abstract

Modelling Metamorphism by Abstract Interpretation

Cited by 8 publications

References 19 publications

Developing correct, distributed, adaptive software

Developing correct, distributed, adaptive software

Abstract Interpretation of Indexed Grammars

Adversarial Reachability for Program-level Security Analysis

Contact Info

Product

Resources

About