Signature Analysis Coupled With Slicing Analysis for the Validation of Software
Adam Dugger - Arxan
Oct 15, 2008PDF (763KB) Size: 331.2MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractWhat if you could determine exactly where, in any compiled binary, a security threat existed?
Answering this question has been the fundamental goal of anti-virus software for many years past, with limited success. Instead, what if you could determine not where security threats do exist, but where they could possibly exist? This is certainly a step in the right direction for total software security -- one which puts us well on our way to being able to develop applications safe against hidden malicious code. All of this is possible with the machine code analysis methodology known as Signature Analysis.
However, consider the following question: What if you could determine exactly where, in any compiled binary, a security threat might exist, and, further, precisely what this threat might affect later in the application’s execution?
This information can be retrieved by combining the capabilities of Code Slicing Analysis with the previously mentioned Signature Analysis. This paradigm not only assists in hardening against currently known threats, but it also identifies areas that are affected by those threats.
These principles form the framework for a novel static technique for ensuring software integrity. The goal of this seminar is to present these ideas and to discuss possible future applications.
About the SpeakerAdam Dugger graduated from Purdue University with a double major in Computer Science and Mathematics in May of 2007. Adam now works for Arxan Defense Systems on a variety of research projects. His presentation focuses on the use of Signature Analysis coupled with Slicing Analysis for detection of malicious code. He has applied known techniques used in anti-virus scanners for use in system integrity checking.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.