Pre-course Meeting
Secure Coding (IN2106)
Master Praktikum (Lab)
Chair 22, Prof. Dr. Alexander Pretschner
IT IS ABOUT:
• Software protection / Code hardening
• Code analysis / Reverse engineering
• Tampering with program code
IT IS NOT ABOUT:
• Exploiting vulnerabilities in software
• Sniffing info from network packets
2 Secure Coding (IN2106) - Sebastian Banescu
What is Secure Coding?
• Lecturer/Instructor: Sebastian Banescu
• ECTS: 10 (1 ECTS ≈ 30 hours)
• Language: English
• Maximum number of participants: 20
• Prerequisites: C programming
• Recommended:
• X86 Assembly language
• Linux
• Docker
• screen-casting
• Registration: TUMonline matching system https://matching.in.tum.de (starting 1st of July)
Important Details
Secure Communication
• Attack: Read or modify message
Software Security
• Attack: Exploit bug, take control
Software Protection
• Attack: Extract hidden information
• Attack: Modify code
Attacker Models
Real-world Examples:
1. Intellectual property theft
2. Cracking licenses
3. Cheating in games
4. Browser hijacking
Man-At-The-End (MATE) Attacker
Software vendor not the only victim of MATE attackers
1. Software Developer distributes software “X” to all end-users
2. Some end-users are MATE attackers
3. MATE reverse engineers “X” and builds a hijacker of “X”
4. MATE distributes hijacker to other end-users of “X”
Software Developer is Not The Only Victim
What can we do to protect victims?
• Give everyone a different version
Questions:
• Will this deter MATE attackers?
• How can we automatically generate the different versions?
• Is this used in practice?
Software Diversity
Example of Software Diversity in Real-World
Software developer always good?
MATE attackers always bad?
• Software dev: malware writer
• MATE attackers: Virus analysts
• Software protection scenarios
• Software protection tools and techniques
• Reverse engineering and cracking techniques
• Static and dynamic program analysis
• Code obfuscation and diversity
• Tamper-proofing
• …
Topics Covered
Project Phases (in groups of 2 students)
1. App Protection
Assets to protect: license check, IP address, control-flow graph, code, etc.
Attacker capabilities: read and modify code
2. Reverse Engineering
Recover assets from protected apps automatically
Use state-of-the-art binary analysis frameworks: angr, radare2, Triton, etc.
3. Verifying Findings
Learn what others did in phase 2
See if you can improve what they did (optional)
4. App Hardening
Apply what you learned in phases 2 and 3 to protect the assets from phase 1
5. Verifying Hardening
Check if the attacks from phases 2 and 3 can be used to break the hardened apps
See if you can create attacks that can break them (optional)
• Code and documents developed in groups for ALL 5 phases: 80%
$\mathit{Proj} = 0.65 \cdot \frac{P_1 + P_2 + P_4}{3} + 0.35 \cdot \frac{P_3 + P_5}{2}$
• Individual presentation: 20%
• Grade bonus for solving obfuscation challenges: up to 10%
$F = 0.8 \cdot \mathit{Proj} + 0.2 \cdot \mathit{Presentation} + 0.1 \cdot \mathit{Bonus}$
Assessment
Phase                    Code          Docs   Screencasts   Grade
1. App Protection        60%           40%    -             $P_1 = 0.6 \cdot C + 0.4 \cdot D$
2. Reverse Engineering   50%           20%    30%           $P_2 = 0.5 \cdot C + 0.2 \cdot D + 0.3 \cdot S$
3. Verify Findings       50% (bonus)   40%    60%           $P_3 = 0.5 \cdot C + 0.4 \cdot D + 0.6 \cdot S$
4. App Hardening         60%           40%    -             $P_4 = 0.6 \cdot C + 0.4 \cdot D$
5. Verify Hardening      50% (bonus)   60%    40%           $P_5 = 0.5 \cdot C + 0.6 \cdot D + 0.4 \cdot S$
1. Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection, Jasvir Nagra, Christian Collberg, Pearson Education, Jul 24, 2009
2. The Ida Pro Book: The Unofficial Guide to the World's Most Popular Disassembler, Chris Eagle, No Starch Press, Incorporated, 2011
3. Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation, Bruce Dang, Alexandre Gazet, Elias Bachaalany, John Wiley & Sons, 2014
Recommended Reading
Thank you for your attention!
Questions?