Abstract
Weaknesses in software security have been numerous, sometimes startling, and often serious. Many of them stem from apparently small low-level errors (e.g., buffer overflows). Ideally, those errors should be avoided by design, or at least fixed after the fact. In practice, on the other hand, we may have to tolerate some vulnerabilities, with appropriate models, architectures, and tools.
This short paper is intended to accompany a talk at the 18th International Symposium on Formal Methods (FM 2012). The talk will discuss software security with an emphasis on low-level attacks and defenses and on their formal aspects. It will focus on systematic mitigations (specifically, techniques for layout randomization and control-flow integrity) that aim to be effective in the presence of buggy software and powerful attackers.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Abadi, M.: Protection in Programming-Language Translations. In: Larsen, K.G., Skyum, S., Winskel, G. (eds.) ICALP 1998. LNCS, vol. 1443, pp. 868–883. Springer, Heidelberg (1998)
Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-Flow Integrity: Principles, Implementations, and Applications. ACM Transactions on Information and System Security 13(1), 1–40 (2009)
Abadi, M., Plotkin, G.D.: On protection by layout randomization. ACM Transactions on Information and System Security (to appear, 2012); The talk at FM 2012 will also cover an unpublished variant, joint work with Jérémy Planul
Cowan, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In: Proceedings of the 7th Usenix Security Symposium, pp. 63–78 (1998)
Druschel, P., Peterson, L.L.: High-Performance Cross-Domain Data Transfer. Technical Report TR 92-11, Department of Computer Science, The University of Arizona (March 1992)
Erlingsson, Ú.: Low-Level Software Security: Attacks and Defenses. In: Aldini, A., Gorrieri, R. (eds.) FOSAD 2007. LNCS, vol. 4677, pp. 92–134. Springer, Heidelberg (2007)
Forrest, S., Somayaji, A., Ackley, D.H.: Building Diverse Computer Systems. In: 6th Workshop on Hot Topics in Operating Systems, pp. 67–72 (1997)
Gasser, M.: Building a Secure Computer System. Van Nostrand Reinhold, New York (1988)
Jagadeesan, R., Pitcher, C., Rathke, J., Riely, J.: Local Memory Via Layout Randomization. In: Proceedings of the 24th IEEE Computer Security Foundations Symposium, pp. 161–174 (2011)
Kiriansky, V., Bruening, D., Amarasinghe, S.: Secure Execution Via Program Shepherding. In: Proceedings of the 11th Usenix Security Symposium, pp. 191–206 (2002)
McCamant, S., Morrisett, G.: Evaluating SFI for a CISC Architecture. In: Proceedings of the 15th USENIX Security Symposium, pp. 15–15 (2006)
McLean, J.: Security models. In: Marciniak, J. (ed.) Encyclopedia of Software Engineering. Wiley & Sons (1994)
Morrisett, G., Tan, G., Tassarotti, J., Tristan, J.-B., Gan, E.: RockSalt: Better, Faster, Stronger SFI for the x86. In: 33rd ACM SIGPLAN Conference on Programming Language Design and Implementation (to appear, 2012)
Pappas, V., Polychronakis, M., Keromytis, A.D.: Smashing the Gadgets: Hindering Return-Oriented Programming Using in-Place Code Randomization. In: IEEE Symposium on Security and Privacy, pp. 601–615 (2012)
PaX Project. The PaX project (2004), http://pax.grsecurity.net/
Pincus, J., Baker, B.: Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns. IEEE Security and Privacy 2(4), 20–27 (2004)
Pucella, R., Schneider, F.B.: Independence from Obfuscation: A Semantic Framework for Diversity. In: 19th IEEE Computer Security Foundations Workshop, pp. 230–241 (2006)
Sotirov, A., Dowd, M.: Bypassing Browser Memory Protections: Setting Back Browser Security by 10 Years (2008), http://www.blackhat.com/presentations/bh-usa-08/Sotirov_Dowd/bh08-sotirov-dowd.pdf
Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.L.: Efficient Software-Based Fault Isolation. ACM SIGOPS Operating Systems Review 27(5), 203–216 (1993)
Yang, J., Hawblitzel, C.: Safe to the Last Instruction: Automated Verification of a Type-Safe Operating System. Communications of the ACM 54(12), 123–131 (2011)
Yee, B., Sehr, D., Dardyk, G., Bradley Chen, J., Muth, R., Ormandy, T., Okasaka, S., Narula, N., Fullagar, N.: Native Client: a Sandbox for Portable, Untrusted x86 Native Code. Communications of the ACM 53(1), 91–99 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Abadi, M. (2012). Software Security: A Formal Perspective. In: Giannakopoulou, D., Méry, D. (eds) FM 2012: Formal Methods. FM 2012. Lecture Notes in Computer Science, vol 7436. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32759-9_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-32759-9_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32758-2
Online ISBN: 978-3-642-32759-9
eBook Packages: Computer ScienceComputer Science (R0)