Content

Problems related to memory errors

- Buffer overflows and memory errors countermeasures
- System security
  - Microkernels
  - Hypervisors
  - Access policies

The live lecture will consist of two parts. In the first part you will be divided in groups and you will discuss few questions (from previous exams) related to system security. At the end of the first part someone can present solutions and we will discuss about motivations. In the second part we will answer questions regarding system security and present some new techniques (e.g. Intel SGX and TXT and Arm Morello).

Please, watch the videos and try to solve the previous-exam exercise before the live lecture.

Previous exam questions (true/false)

Diversification techniques can be used to mitigate buffer overflows. I.e. they hinder the adversary's ability of exploiting them.
Return Oriented Programming (ROP) and Jump Oriented Programming (JOP) are ineffective if code injection is prevented
Guard Pages are used to detect buffer overflows and buffer over-reads.
Address Space Layout Randomization consists of randomizing the positions of the stack, heap, and code, hence making it difficult for an attacker to predict effects of memory errors such as buffer overflows.
Guard pages are regions of virtual memory whose execution is forbidden, but writable accesses are permitted.
In case of executable address space protection, the heap is configured as writable and nonexecutable.
Address space randomization counters buffer overflows because it prevents an attacker from knowing the size of the buffers.

Reading

Chapter 5.3.5 Crypto: Digital Signatures in Anderson (2008).
Chapter 5.7.5 Certification in Anderson (2008).

Further Reading

Chapter 20.6 Crypto: Enclaves in Anderson (2008).
Chapter 22.3 Phone: Platform security in Anderson (2008).

Slides

System Security

Videos

Other types of overflows

Countermeasures

Prevention: Memory safe languages
Prevention: Safe libraries
Prevention: Formal Verification
Detection: Guard pages
Detection of Control Flow manipulation
Prevention of code injection: Executable address space protection
Prevention of code injection: Instruction Set Randomization
Mitigation: Randomization
Mitigation: Isolation via microkernels
Mitigation: Software Fault Isolation
Mitigation: Isolation via Hypervisors
Mitigation: OS level access permissions