Add to collection(s) Add to saved
  1. Engineering & Technology
Uploaded by International Research Journal of Engineering and Technology (IRJET)

IRJET-An Efficient Hardware-Oriented Runtime Approach for Stack-Based Software Buffer Overflow Attacks on System Compiler

advertisement 
International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 06 Issue: 07 | July 2019
p-ISSN: 2395-0072
www.irjet.net
An Efficient Hardware-Oriented Runtime Approach for Stack-based
Software Buffer Overflow Attacks on System Compiler
Ms. Shivanjali Barkund1, Prof. K.K. Joshi2
1,2Computer
Department, Veermata Jijabai Technological Institute, Mumbai
--------------------------------------------------------------------------***----------------------------------------------------------------------------
Abstract - Software recovery is on additional memory and performance overhead to reduce buffer overflow invasion.
With such overhead, Defender can only use software-only approach for debugging reference. In this paper, we present a
new hardware approach to identify stack-based buffer overflow attacks during the runtime. The original and bundled
information of static variables in the program is automatically archived, archived and compared to any support from
the compiler with the object code. Such approaches are transparent to programmers. Due to the traditional five-stage
pipeline (fetch, decode, execute, memory, and write back), the compiler is used to execute written programs in the
category of creative design of the computer. With the advancement of the Internet, studies related to the development of
cloud-based compilers are being studied. On-line compilers, who have enabled online selection on any user-cumprogrammable program, have increased significantly. This study is specific for on-line GCC compilers to check accuracy,
problems and limitations. This work is done with an overview of Linux compiler security and various threads of server,
network and workstation which are implementing the Compiler Security Configuration module, implementing various
measures to prevent unauthorized system usage. Security is a very broad concept and therefore is the security of this
system. All of the time, people believe that a system is more secure that it is in practice, but the biggest problem is still
the human factor of the users; The possibility of careless or malicious users is usually ignored. Finally, this paper
provides a list of some of the various general vulnerabilities, attacks and remedies.
Keywords: Compiler Hardening, compiler security breaches, integrity
Introduction
Compiler handling is a set of techniques that can be activated by replacing several compiler flags and generally used to protect
the resulting program from memory attack attacks. This mechanism is standard practice since at least 2011, when the Debian
Project is set to release all their packages with a security piring build flag. Ubuntu has followed the same policy regarding their
own construction process. For a number of years, the compiler has not been patched to enable many build-time securityhardening features (relay, stack guards, powerful sources). Debian went the route of other distribution and added safety
jarring while packaging. I am disappointed with this approach because it means that those non-Ubuntu systems will not be
able to get the hard features that make up the software without using the packaging tools. Compilers can go too far and can
remove unwanted code, which can make the system or application more vulnerableEnterprises has demanded a thorough
examination of the security expert's knowledge and expertise and fit solutions according to the requirements of their
organization's operating system. Because most organizations are fast moving in nature, their employees are entering local and
remote crucial IT resources, so there is a need for a secure computer environment. Unfortunately, many organizations (and
personal users) think more about safety, the process which ignores energy, productivity, convenience, use and budgetary
issues. In the proposed research work to create and implement a compiler for the use of various security mechanisms and
techniques, this system also has a protective perspective for runtime attacks. In the first stage system works like a supervised
learning method and in the second stage it works to prevent various compiler attacks.
Literature Survey
In this section system illustrates the background data is important to understand the basic of the research work One of the
object for protecting the application without any knowledge regarding the system source code is by adding security module to
the previous system authentication and authorization.
According to Sajid Abdullah, Srinivasan Sanjay etc. Al [1] presented in the cloud-based compiler, used to run compiler
programs and convert them from text formats into executable formats. Most of the compilers that are installed manually on
each system require space and must be configured if the default parameters are not used. Once the program is compiled it
© 2019, IRJET
|
Impact Factor value: 7.211
|
ISO 9001:2008 Certified Journal
|
Page 1482
International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 06 Issue: 07 | July 2019
p-ISSN: 2395-0072
www.irjet.net
depends on the platform. It is not easy to put the same program code on multiple systems if it does not allow the use of a
system. Another error is that you need to establish a different compliance on each language you want to work on. We fix this in
the form of a cloud-based compiler.
According to Chauhan, Uday. Etc. Al [2] is an Internet based computerized environment presented in cloud computing where
computing, source of energy, storage, development environment, are provided on demand by customers. Different compiling
languages require different compilers for compiling. That is why the same machine must have different compilers. The
rigorous process of establishing different environments on the machine can be overcome by using the cloud compilers. In
today's situation, many cloud-based compilers are available but they have some limitations. They don’t provide the hardware
based infrastructure to compile and execute programs on specific computing.
Ansari M. Arshad according to Arshad Al, [3] Presented in Cloud Compiler, Cloud Computing has been built as an architecture
capable of rapid delivery of computational resources in scalable and virtualized manner. Cloud computing delivers distributed
resources, software and information shared resources on a computer and other devices (usually on the Internet) as a service
to computers. We explore the cloud computing area and evaluate many of its capabilities by developing a compiler of
languages on a private cloud and developing web-based applications to collect the code written in various technologies. Using
cloud computing concepts reduces the problem of portability and storage space. In addition, web-based applications can be
used remotely in any network connection and this is a separate platform
Bonarinianda a. Al, [4] is introduced in the compiler technology for binary analysis and rigors, despite the increasing
popularity of meaningful or byte-compiled languages, other languages that target C / C ++ and the original code are still used
effectively for system programming. Perform a set of challenges compared to program options compiled in native code. In
particular, how we can be efficiently analyzed in this work, how many existing security measures (known as "binary deep
techniques") and focus on how new can be presented to safeguard focused features. We offer rev.ng a binary analysis
framework based on QEMU, popular dynamic binary translators and emulators, and mature and flexible compiler frameworks.
Rev.ng can handle a wide range of architectures and features easily, real-time blocks, work limits, and architectures to recover
prototypes- and features to retrieve ABI-independent ways. Rev.ng can be used for instrumentation, debugging, duplication,
reuse of security features and many other purposes.
According to S. Summit [5] Presented in the earlier testing studies focused on identifying the methods for testing the compilers
using an automated approach as the control of compiler are in the control of the tester. The development of on-line compilers
is heading towards the development of the cloud based compilers. Apart from this, Cloud Compilers can also be easily
upgraded. The compiler has the purpose to provide output in executable format. A series of runtime systems that protect
applications deployed from memory errors. For guidance on the design of our systems, we analyze how memory
allocershandled errors for continuous exploitation of defects. Our system improves the software in two ways: First, they
tolerate memory errors, so programs allow for proper implementation. Second, they reduce the probability of successfully
detecting security vulnerabilities due to memory errors.
According to Nobark, Albert Eugene [6] Memory errors are presented in the software against memory errors, and many
memory errors can be attacked with buffer overflows and anchor pointers. Best of all, this error crashes or performance
decreases. Worst of all, they enable security vulnerabilities, which in turn permits service rejection or remote code execution.
Existing runtime systems provide little protection against these errors. They allow retail errors to crash and the attackers
continuously exploit the weaknesses. The system presents a series of runtime systems that protect applications deployed from
memory errors. For guidance on the design of our systems, we analyze how memory allocers handled errors for continuous
exploitation of defects. Our system improves the software in two ways: First, they tolerate memory errors, so programs allow
for proper implementation. Second, they reduce the probability of successfully detecting security vulnerabilities due to
memory errors.
According to Bergen, Tom, et al. [7] Presented in Korade: For determining multi-translational implementation, many tasks,
including compiler and runtime system, system debugging, test and automatic reactions, make it critically complex. In this
work, we avoid their complication by removing their original cause. Correction is strong in many types of memory errors.
However, in two cases, memory errors can invalidate our crucial guarantee. We stress that COREDET always executes a
program deterministically up to the first such error. The corner cases are memory errors that lead to unexpected accesses. The
© 2019, IRJET
|
Impact Factor value: 7.211
|
ISO 9001:2008 Certified Journal
|
Page 1483
International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 06 Issue: 07 | July 2019
p-ISSN: 2395-0072
www.irjet.net
program is performing one of two fundamentally unsafe operations, neither of which are supported by the underlying
language: makingassumptions about memory layout, or writing to invalid pointers.
Lakshmi Narayanan, Ramkumar, Balaji Dhansekar etc. Al [8] offers a study on the characteristics and limitations of on-line
computer compilers, compilers are used to execute programs written in a class of computational design ranges from text. With
the help of the Internet, studies related to the development of cloud-based compilers are being done. There has been a large
increase in on-line compilers, in which online programs can be compiled without any command users. This study is specific to
online C compilers to check accuracy, problems and limitations. Developer Notifications should be improved by on-line
compilers. Details like architecture, operating system and compiler version are not mentioned. Certain online compilers did
not compile standard library codes. Many compilers have not managed to unsure loop. System calls are supported in compilers
with many registered users, which create security leaks. File management codes are not supported effectively in most
compilers. There is a wide scope for fully-designed online compilers. As a future study the existing C compiler has to be
redesigned to support the cloud requirement and new testing approaches are to be designed. In the compile-time based on the
internet bandwidth and some of the programs did not compile and there is no proper notification, even. Correcting the error is
possible only through compiler error notification which is also less in most compilers.
Mohan, Krishan Shankar, etc. Al. [9] Embedded system security has been presented in the Performance / Performance
Performance Study of the Compiler / Hardware Approach to provide reliable environment for implementation, code
prevention and data harassment, authentication and software, which are the most important security challenges in design.
This small paper of embedded system evaluates the performance of hardware / software co-design methods for embedded
software protection. Secure software is created using Secure Compiler which includes hidden codes in executable code which
are then dynamically verified during the implementation of the reconfigrable hardware components created by Field
Programmable Gate Array (FPGA) technology. Though a holistic viewpoint has been described in other documents, this paper
focuses on security-performance trading and in such an approach, the effect of using compiler optimization. Our results show
that the approach provides software protection with general performance penalties and hardware overhead. There is an
important purpose in embedded systems design. Pure-software methods can not stop hackers fixed and pure-hardware
variants require expensive custom hardware.
Joseph Zambrano et al. Al presented in Safe-Ops: embedded software security compiler / architecture approach, software
security is one of the most important security issues since most successful attacks persecute executable instructions, related
problems related to code understanding, data tampering, and authentication for code manipulation. Four main types of
solutions on the compiler system Le form. Additionally, compiler protection for desktops and servers is a major problem, it is
true that 97% of all processors are processors embedded. The importance of protecting software on an embedded system.
Imagine an attack on a major compiled compiler used in the transport system: As a result, the tampered executables can
interrupt the entire system altogether. Such attacks can be easily replicated because embedded processors are so numerous.
Proposed system design
Figure 1: Proposed system view
© 2019, IRJET
|
Impact Factor value: 7.211
|
ISO 9001:2008 Certified Journal
|
Page 1484
International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 06 Issue: 07 | July 2019
p-ISSN: 2395-0072
www.irjet.net
In this, we identified the correctness-security gap, which arises when a formally sound, correctly implemented optimization
violates security guarantees in source code. We demonstrated with several case studies that this phenomenon manifests with
well-known optimizations implemented in all compilers. We believe this behavior is surprising and unintuitive because
discrepancies between source and compiled code are typically attributed to bugs in compilers. In the proposed system,
different kinds of compiler security breaches/attacks such as Stack buffer overflow, Relro, U2R attacks are examined,
implemented as well as protected the compiler from such exploitable attacks in another module. Some major security
breaches are as follows:
U2R Attack: In this security concern, attacker gets access to the users system using malicious links and accessing the
compilers configuration can change or update the setting.
Buffer Overflows: In this attack, stack attacks that could lead to buffer overflows by changing the buffer size parameters and
increasing redundancy of parameters creates conflicts in runtime compilation and get overflowed.
Read-Only Relocations (RELRO): This reduces the possible areas of memory in a program that can be used by an attacker
that performs a successful GOT-overwrite memory exploit.
Algorithm Design
1. Pattern Matching Algorithm
Pattern Matching Algorithm for sub attack classification using DT In the finding phase, we use the sub-score of Decision Tree
(DT) method to detect each new connection from the collected traffic as fine as trained data point. This phase matches every
new examination with established standard profile to sense an attack.
This included following Steps:
Step 1: Standardized data with means and variances from sample training dataset.
Step 2: Compute each network connection score of each observation with trained rules which map observed dataset to
subspace.
Step 3: Calculate distances of each observation assign arrived connection will have 1 or 2 distance score values be contingent
on the 1-thresholdmethod or 2-thresholds method.
Step 4: Compare thresholds and detection decision: If arrived connection’s distance is greater than any of the assign threshold
value, it consider as anomaly connection. Otherwise, it should be a normal connection.
Similarity Weight Calculation Algorithm
Input: Input packet data as Q which is received by any remote machine
Output: classify the attack as normal or anomaly
Here system have to find similarity of two lists:
and
, where
and
are the
components of the vector (features of the signatures, or values for each word of the comment ) and the is the dimension of
the vectors:
Step 1: Read each row R from Data List L
Step 2: for each (Column c from R)
Step 3: Apply formula (1) on c and Q
Step 4: Score=Calc(c,Q)
© 2019, IRJET
|
Impact Factor value: 7.211
|
ISO 9001:2008 Certified Journal
|
Page 1485
International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 06 Issue: 07 | July 2019
p-ISSN: 2395-0072
www.irjet.net
Step 5: calculate relevancy score for attribute list.
Step 6: assigneach Row to current weight
Step 7: Categorize all instances
Step 8: end for end procedure
Conclusions
In this work, we focused on the implementation and prevention of compiler exploitation. We believe that compiling security
certification is important. The system provides a practical way to gather more information about the source program. A
traditional compiler is designed to focus on the implementable content of the source program and to drop other source-level
information, such as specific types or specific events, implemented in a domain-specific language. On the other hand a certified
compiler can translate such information, so that the external checker allows the compiler to protect important properties. It
allows unauthorized recipients of a compiled code to make sure that the code is the definite order necessary.
Basically system carried out the security preservation from differential privacy attacks, pattern matching algorithm has used
for generate the similarity weight during the packet filtering in testing phase. The system works with two phase first is attack
generation and second is prevention from malicious attacks. When any user generate the remote attack on victim machine
same time system uses generated signatures from background Knowledge (BK), which we already generated from training
phase. According to given threshold if desired weight violate the policy of signature system classify those packets as malicious.
Once any attack identified by system it restores those signatures in BK and provide the efficiency to system like reinforcement
learning or attack responsive system.
References
[1] Abdulla, Sajid, Srinivasan Iyer, and Sanjay Kutty. "Cloud based compiler." International Journal of Students' Research in
Technology & Management 1.3 (2013): 308-322.
[2] Chauhan, Uday. (2016). Online Cloud Based Compilers System.
[3] Ansari M. Arshad, Khan Arshiya et. al, Compilers on Cloud, IJERT, Vol. 2-9, September - 2013
[4]BONARINI, ANDREA et. al, Compiler techniques for binary analysis and hardening, Politecnico di Milano,2018
[5] S. Summit. Comp.lang.c frequently asked questions: http://c-faq.com/.
[6] Novark, Albert Eugene. "Hardening software against memory errors and attacks." (2011).
[7] Bergan, Tom, et al. "CoreDet: a compiler and runtime system for deterministic multithreaded execution." ACM SIGARCH
Computer Architecture News. Vol. 38. No. 1. ACM, 2010.
[8] Lakshminarayanan, Ramkumar, Balaji Dhanasekaran, and Ben George Ephre. "A Study on Features and Limitations of Online C Compilers." arXiv preprint arXiv:1605.02033 (2016).
[9] Mohan, Kripashankar, et al. "Performance study of a compiler/hardware approach to embedded systems security."
International Conference on Intelligence and Security Informatics. Springer, Berlin, Heidelberg, 2005.
[10] JOSEPH ZAMBRENO and ALOK CHOUDHARY et. al.SAFE-OPS: A Compiler/Architecture Approach to Embedded Software
Security,ACM Transactions on Embedded Computing Systems,Rev-3
[11]AMOD NARENDRA NARVEKAR and KIRAN K. JOSHI et. al. Security sandbox model for modern web environment",
International Conference on Nascent Technologies in Engineering, 2017.
© 2019, IRJET
|
Impact Factor value: 7.211
|
ISO 9001:2008 Certified Journal
|
Page 1486
Related documents
CS243 Course Staff Administrivia In Praise of Compiler Technology
CS243 Course Staff Administrivia In Praise of Compiler Technology
XUEJUN YANG 801-618-5068 1012 University Village, UT 84108
XUEJUN YANG 801-618-5068 1012 University Village, UT 84108
Developing online learning and assessment tools for formal
Developing online learning and assessment tools for formal
CS 264 Programming Language Implementation Prof. R. Fateman : Spring, 2004
CS 264 Programming Language Implementation Prof. R. Fateman : Spring, 2004
COURSE SYLLABUS
COURSE SYLLABUS
Download
advertisement