Sergey Bratus
Dartmouth College
Publication
Featured research published by Sergey Bratus.
Trust and Trustworthy Computing | 2008
Sergey Bratus; Nihal D'Cunha; Evan Sparks; Sean W. Smith
The security of the standard TCG architecture depends on whether the values in the PCRs match the actual platform configuration. However, this design admits potential for time-of-check time-of-use vulnerabilities: a PCR reflects the state of code and data when it was measured, not when the TPM uses a credential or signs an attestation based on that measurement. We demonstrate how an attacker with sufficient privileges can compromise the integrity of a TPM-protected system by modifying critical loaded code and static data after measurement has taken place. To solve this problem, we explore using the MMU and the TPM in concert to provide a memory event trapping framework, in which trap handlers perform TPM operations to enforce a security policy. Our framework proposal includes modifying the MMU to support selective memory immutability and generate higher granularity memory access traps. To substantiate our ideas, we designed and implemented a software prototype system employing the monitoring capabilities of the Xen virtual machine monitor.
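The time-of-check/time-of-use gap described in this abstract is easy to see in a toy model of a TCG measured boot. The following is an added example, not the paper's prototype: it models one TPM 1.2-style PCR (extend = SHA-1(old || measurement)), a measurement log, a remote verifier that replays the log, and a privileged write to loaded code after measurement. With plain TCG semantics ("none") the quote still verifies after tampering; the two other policies are simplified stand-ins for the paper's trap-handler idea (a "monitored" trap records the write into the PCR, an "immutable" trap refuses it). The module name, the code bytes and the policy names are constructed for the demonstration.

```python
import hashlib

PCR_LEN = 20  # SHA-1 digest length, as used by TPM 1.2 PCRs


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM_Extend: PCR_new = SHA-1(PCR_old || measurement)."""
    return sha1(pcr + measurement)


def replay(log) -> bytes:
    """Verifier side: recompute the PCR value implied by a measurement log."""
    pcr = bytes(PCR_LEN)
    for _, digest in log:
        pcr = extend(pcr, digest)
    return pcr


class Platform:
    """Toy TCG platform: one PCR, a measurement log, loaded modules and a
    per-module write policy: "none" (plain TCG), "monitored" or "immutable".
    The policies are a simplification of the paper's MMU trap handlers."""

    def __init__(self):
        self.pcr = bytes(PCR_LEN)
        self.log = []       # (entry name, digest) in extend order
        self.modules = {}   # name -> bytearray of loaded code
        self.policy = {}    # name -> write policy

    def load(self, name, code, policy="none"):
        """Measure, then load: the digest enters the PCR before the code runs."""
        self.modules[name] = bytearray(code)
        self.policy[name] = policy
        digest = sha1(code)
        self.pcr = extend(self.pcr, digest)
        self.log.append((name, digest))
        return digest

    def write(self, name, offset, data):
        """A privileged write to already-measured code."""
        pol = self.policy.get(name, "none")
        if pol == "immutable":
            # Selective immutability: the trap handler refuses the write.
            raise PermissionError(f"{name} is immutable after measurement")
        if pol == "monitored":
            # Trap handler extends the PCR with a record of the event, so a
            # later quote can no longer replay to a known-good value.
            digest = sha1(b"write:" + name.encode())
            self.pcr = extend(self.pcr, digest)
            self.log.append(("write:" + name, digest))
        # Plain TCG ("none"): the write is silent and the PCR is stale.
        self.modules[name][offset:offset + len(data)] = data

    def quote(self) -> bytes:
        """TPM_Quote reports the PCR as it is now, not memory as it is now."""
        return self.pcr


def verifier_accepts(quote, log, golden) -> bool:
    """Remote attestation check: the log must replay to the quoted PCR and
    every logged digest must be a known-good measurement."""
    return quote == replay(log) and all(d in golden for _, d in log)


def toctou_demo(policy):
    """Load code, tamper after measurement, attest.
    Returns (verifier accepted, memory was actually modified)."""
    code = b"\x90" * 16 + b"\xc3"         # constructed: 16 NOPs then RET
    p = Platform()
    golden = {p.load("driver.ko", code, policy)}
    try:
        p.write("driver.ko", 0, b"\xcc")  # patch the first byte to INT3
    except PermissionError:
        return verifier_accepts(p.quote(), p.log, golden), False
    return verifier_accepts(p.quote(), p.log, golden), True


if __name__ == "__main__":
    for pol in ("none", "monitored", "immutable"):
        print(pol, toctou_demo(pol))
```

With policy "none" the verifier accepts a quote for code that has been overwritten, which is exactly the measurement-time versus use-time gap; the "monitored" policy makes the tampering visible to the verifier, and the "immutable" policy prevents it.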
International Journal of Critical Infrastructure Protection | 2012
Jason Reeves; Ashwin Ramaswamy; Michael E. Locasto; Sergey Bratus; Sean W. Smith
The power grid depends on embedded control systems or SCADA systems to function properly. Securing these systems presents unique challenges: in addition to the resource restrictions inherent to embedded devices, SCADA systems must accommodate strict timing requirements that are non-negotiable, and their massive scale greatly amplifies costs such as power consumption. Together, these constraints make the conventional approach to host intrusion detection (using a hypervisor to create a safe environment from which a monitoring entity can operate) too costly or impractical for embedded control systems in the critical infrastructure. This paper discusses the design and implementation of Autoscopy, an experimental host-based intrusion detection mechanism that operates from within the kernel and leverages its built-in tracing framework to identify control-flow anomalies, which are most often caused by rootkits that hijack kernel hooks. The paper presents the concepts underlying the original Autoscopy prototype, highlights some of the issues that arose from it, and introduces the new system, dubbed Autoscopy Jr., which addresses the issues. Tests on non-embedded systems demonstrated that the monitoring scope could be managed to limit Autoscopy Jr.'s performance impact on its host to under 5%. The paper also describes the use of an optimized probe framework to reduce overhead and the test results obtained for a hardened kernel. The results demonstrate that Autoscopy Jr.'s design and effectiveness render it uniquely suited to intrusion detection for SCADA systems.
IEEE International Symposium on Parallel & Distributed Processing, Workshops and PhD Forum | 2010
Chrisil Arackaparambil; Sergey Bratus; Joshua Brody; Anna Shubina
In this work we consider the problem of monitoring information streams for anomalies in a scalable and efficient manner. We study the problem in the context of network streams where the problem has received significant attention.
Proceedings of the 1st ACM workshop on Virtual machine security | 2009
Sergey Bratus; Peter C. Johnson; Ashwin Ramaswamy; Sean W. Smith; Michael E. Locasto
Components of commodity OS kernels typically execute at the same privilege level. Consequently, the compromise of even a single component undermines the trustworthiness of the entire kernel and its ability to enforce separation between user-level processes. Reliably containing the extent of a compromised kernel component is a problem to which few practical solutions exist. While many approaches have been proposed to reduce the need to trust large portions of the kernel, most of these approaches represent exotic reorganizations of the hardware or OS kernel that are either not applicable to commodity systems or are relatively complex and difficult to debug in their own right (e.g., microkernels). We propose simple, natural modifications to commodity (x86) hardware that enable vertical isolation down through the kernel without the use of virtualization or major OS rewrites; specifically, extending and reinterpreting the x86 segmentation mechanism, extending the existing Current Privilege Level and Descriptor Privilege Level fields. We believe our proposal is a compelling alternative to traditional virtualization because the hardware virtualizes permissions, not I/O.
International Conference on Critical Infrastructure Protection | 2011
Rebecca Shapiro; Sergey Bratus; Edmond Rogers; Sean W. Smith
Security vulnerabilities typically arise from bugs in input validation and in the application logic. Fuzz-testing is a popular security evaluation technique in which hostile inputs are crafted and passed to the target software in order to reveal bugs. However, in the case of SCADA systems, the use of proprietary protocols makes it difficult to apply existing fuzz-testing techniques as they work best when the protocol semantics are known, targets can be instrumented and large network traces are available. This paper describes a fuzz-testing solution involving LZFuzz, an inline tool that provides a domain expert with the ability to effectively fuzz SCADA devices.
2016 IEEE Cybersecurity Development (SecDev) | 2016
Falcon Momot; Sergey Bratus; Sven M. Hallberg; Meredith L. Patterson
Input-handling bugs share two common patterns: insufficient recognition, where input-checking logic is unfit to validate a program's assumptions about inputs, and parser differentials, wherein two or more components of a system fail to interpret input equivalently. We argue that these patterns are artifacts of avoidable weaknesses in the development process and explore these patterns both in general and via recent CVE instances. We break ground on defining the input-handling code weaknesses that should be actionable findings and propose a refactoring of existing CWEs to accommodate them. We propose a set of new CWEs to name such weaknesses that will help code auditors and penetration testers precisely express their findings of likely vulnerable code structures.
IEEE Symposium on Security and Privacy | 2014
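Both patterns named in this abstract can be reproduced in a few lines. The following is an added example, not code from the paper or from any CVE it discusses: two components of one system (a "front" proxy and a "backend", both hypothetical) each extract a body length from a small HTTP-style header block. The front component takes the first Content-Length and checks it with `str.isdigit()`, which is an insufficient recognizer because Python's `int()` accepts some non-ASCII digits that pass that check and rejects others (superscripts); the backend takes the last Content-Length and accepts only ASCII digits. A differential harness then shows where the two disagree. The header samples are constructed for the demonstration.

```python
import re

CRLF = "\r\n"
ASCII_DIGITS = re.compile(r"\A[0-9]+\Z")   # what the backend means by "a number"


def parse_headers(raw: str):
    """Split a header block into (lowercased name, stripped value) pairs, in order."""
    pairs = []
    for line in raw.split(CRLF):
        if not line:
            continue
        name, _, value = line.partition(":")
        pairs.append((name.strip().lower(), value.strip()))
    return pairs


def front_body_length(raw: str):
    """Hypothetical front component: first Content-Length wins.
    Insufficient recognition: str.isdigit() is true for Unicode digits and
    superscripts, but int() only agrees with it for decimal digits."""
    for name, value in parse_headers(raw):
        if name == "content-length":
            if not value.isdigit():
                return "reject"
            try:
                return int(value)          # "\u0665" (Arabic-Indic 5) -> 5
            except ValueError:
                return "error"             # "\u00b2" (superscript 2) -> crash path
    return 0


def backend_body_length(raw: str):
    """Hypothetical backend component: last Content-Length wins, ASCII digits only."""
    length = 0
    for name, value in parse_headers(raw):
        if name == "content-length":
            if not ASCII_DIGITS.match(value):
                return "reject"
            length = int(value)
    return length


def differential(raw: str):
    """Run both components; the third element flags a parser differential."""
    a, b = front_body_length(raw), backend_body_length(raw)
    return a, b, a != b


# Constructed samples: one agreeing case and three disagreeing ones.
SAMPLES = {
    "single":      "Content-Length: 5" + CRLF,
    "duplicate":   "Content-Length: 5" + CRLF + "Content-Length: 20" + CRLF,
    "unicode":     "Content-Length: \u0665" + CRLF,
    "superscript": "Content-Length: \u00b2" + CRLF,
}


def run_samples():
    """Name -> (front result, backend result, differential?) for every sample."""
    return {name: differential(raw) for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in run_samples().items():
        print(f"{name:12s} {result}")
```

The "duplicate" case is the classic parser differential (the two components would frame the body at different offsets); the "unicode" and "superscript" cases are insufficient recognition, where the front check admits values its own downstream `int()` handles differently from the backend.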
Sergey Bratus; Trey Darley; Michael E. Locasto; Meredith L. Patterson; Rebecca Shapiro; Anna Shubina
Big data is changing the landscape of security tools for network monitoring, security information and event management, and forensics; however, in the eternal arms race of attack and defense, security researchers must keep exploring novel ways to mitigate and contain sophisticated attackers.
International Conference on Critical Infrastructure Protection | 2011
Jason Reeves; Ashwin Ramaswamy; Michael E. Locasto; Sergey Bratus; Sean W. Smith
Securing embedded control systems presents a unique challenge. In addition to the resource restrictions inherent to embedded devices, embedded control systems must accommodate strict, non-negotiable timing requirements, and their massive scale greatly increases other costs such as power consumption. These constraints render conventional host-based intrusion detection – using a hypervisor to create a safe environment under which a monitoring entity can operate – costly and impractical.
International Journal of Secure Software Engineering | 2010
Sergey Bratus; James Oakley; Ashwin Ramaswamy; Sean W. Smith; Michael E. Locasto
The mechanics of hot patching (the process of upgrading a program while it executes) remain understudied, even though it offers capabilities that act as practical benefits for both consumer and mission-critical systems. A reliable hot patching procedure would serve particularly well by reducing the downtime necessary for critical functionality or security upgrades. However, hot patching also carries the risk (real or perceived) of leaving the system in an inconsistent state, which leads many owners to forgo its benefits as too risky; for systems where availability is critical, this decision may result in leaving systems un-patched and vulnerable. In this paper, the authors present a novel method for hot patching ELF binaries that supports synchronized global data and code updates, and reasoning about the results of applying the hot patch. In this regard, the Patch Object format was developed to encode patches as a special type of ELF relocatable object file. The authors then built a tool, Katana, which automatically creates these patch objects as a by-product of the standard source build process. Katana also allows an end-user to apply the Patch Objects to a running process.
Trust and Trustworthy Computing | 2010
Sergey Bratus; Michael E. Locasto; Brian Schulte
The TPM is a fairly passive entity. As a result, it can be difficult to involve the TPM in measurements of software trustworthiness beyond simple load-time hashing of static program code. We suggest an approach to dynamic, runtime measurement of software trustworthiness properties as they relate to code-data ownership relationships. We outline a system, SegSlice, that actively involves the TPM in fine-grained labeling and measurement of code slices and the data that these slices operate on. SegSlice requires no changes to x86 hardware, and it relies on the relatively underused x86 segmentation mechanism to mediate access to data events.