Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC

Filters

1
1 1
1 1
Reset filters

Settings
Now showing 1 - 2 of 2
  • Publication
    Compiler-based Attack Origin Tracking with Dynamic Taint Analysis
    ( 2022)
    Braunsdorf, Oliver
    ;
    Sessinghaus, Stefan
    ;
    Horsch, Julian
    Over the last decade, many exploit mitigations based on Control Flow Integrity (CFI) have been developed to secure programs from being hijacked by attackers. However, most of them only abort the protected application after attack detection, producing no further information for attack analysis. Solely restarting the application leaves it open for repeated attack attempts. We propose Resilient CFI, a compiler-based CFI approach that utilizes dynamic taint analysis to detect code pointer overwrites and trace attacks back to their origin. Gained insights can be used to identify attackers and exclude them from further communication with the application. We implemented our approach as extension to LLVM’s Dataflow Sanitizer, an actively maintained data-flow tracking engine. Our results show that control-flow hijacking attempts can be reliably detected. Compared to previous approaches based on Dynamic Binary Instrumentation, our compiler-based static instrumentation introduces less run-time overhead: on average 3.52x for SPEC CPU2017 benchmarks and 1.56x for the real-world web server NginX.
  • Publication
    A Rapid Innovation Framework for Connected Mobility Applications
    (Fraunhofer ESK, 2018)
    Pöhn, Daniela
    ;
    Wessel, Sascha
    ;
    Fischer, Felix
    ;
    Braunsdorf, Oliver
    ;
    Wenninger, Franz
    ;
    Seydel, Dominique
    ;
    Weiß, Gereon
    ;
    Roscher, Karsten
    ;
    Freese-Wagner, Manuela
    Connected Mobility Applications help to continuously improve traffic safety and efficiency. Today, much time and effort have to be invested to bring an idea into a safe prototype and to finally launch a reliable product.Software development tools have to adapt to these requirements. They have to support a rapid and continuous development process, that allows to test and validate the distributed application as one overall system. When developing cooperative applications, a higher design complexity has to be handled, as components are distributed over heterogeneous systems that interact with a varying timing behavior and less data confidence. Also, test and validation become more complex. Our Innovation Framework is intended to rapidly bring an idea for a connected application into a prototype so the investment risk for innovative applications is reduced. In this whitepaper we describe the approach of a Rapid InnovationTool Kit that is intended to speed up the development process for connected mobility applications. Thereby, a safe and secure prototype is available at an early development phase to gain experience within field tests that help to rapidly improve the intended application. Our software tool kit is able to find deviations from the specified behaviour and also it can instantly locate and identify erroneous functions within distributed systems. Extensive security tests can then be applied on the implemented application to ensure a secure operation. Another use case for the described testbed is to evaluate communication technologies and to find the most suitable transmission technology for a certain application. For example, short range communication with the 802.11p WLAN technology or the upcoming LTE enhancement LTE-V2X are comparable within specific scenarios. This evaluation can help to reduce the investment risk for the deployment of connected applications.