Integrity Verification of Applications on RADIUM Architecture Page: 9
vii, 44 pages : color illustrations
Extracted Text
The following text was automatically extracted from the image on this page using optical character recognition software:
The adversary is assumed to have no physical access to RADIUM, so the attacker
cannot perform any hardware-based attacks. I also assumed that the attacker does not
have user-level privileges on the measured VM but can launch remote attacks
on a networked application. With a well-designed buffer-overflow attack on a vulnerable
application, the adversary can gain root-level privileges on the target VM. Even though the
VMs are partitioned and isolated, the adversary may gain access to other VMs and launch
network-based attacks on the target VM. The adversary may try to subvert the communication
between a challenger and the measured service. The attacker may also perform an off-line attack on
the target VM or application by modifying binaries. Attacks on RADIUM are not in the scope
of this research. They are discussed in detail in [22].
2.3. Daikon and Application Invariants
The Daikon developers define an invariant as "a property that holds at a certain point or
points in a program" [14]. In general, an invariant is a condition that has to be satisfied during
program execution. The context of execution influences the invariant definition at a program
point. Based on their source, invariants are classified into two types: (1) data invariants
and (2) structural invariants [20]. Data invariants are properties of individual variables or
(logical or mathematical) relationships among a group of variables. Examples are constant,
original, and equality/inequality invariants. Structural invariants are rules that have to be true
during execution. The definitions of the rules are generic in nature and depend upon the
programming language and execution environment. For example, the return address on the
stack should always point to a code section of memory, and the frame pointer of the stack should
not change during function execution. Though invariants reflect program behavior at
specific times, not all of them are documented, and even developers may not be aware of
their existence.
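The two structural invariants named above can be checked mechanically. The following is an added example, not code from the thesis or from Daikon; the observation layout, address ranges and sample frames are constructed assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Executable address range [start, end) of the measured process. */
typedef struct { uint64_t start, end; } region_t;

/* One function activation as recorded by a verifier (hypothetical layout). */
typedef struct {
    uint64_t ret_addr;  /* saved return address read from the stack frame */
    uint64_t fp_entry;  /* frame pointer right after the prologue */
    uint64_t fp_exit;   /* frame pointer right before the epilogue */
} frame_obs_t;

enum { INV_OK = 0, INV_RET_NOT_CODE = 1, INV_FP_CHANGED = 2 };

static int in_code(uint64_t addr, const region_t *code, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (addr >= code[i].start && addr < code[i].end) return 1;
    return 0;
}

/* Bitmask of structural invariants violated by one observation. */
int check_frame(const frame_obs_t *f, const region_t *code, size_t n) {
    int v = INV_OK;
    if (!in_code(f->ret_addr, code, n)) v |= INV_RET_NOT_CODE;
    if (f->fp_entry != f->fp_exit)      v |= INV_FP_CHANGED;
    return v;
}

size_t count_violations(const frame_obs_t *fs, size_t nf,
                        const region_t *code, size_t nc) {
    size_t bad = 0;
    for (size_t i = 0; i < nf; i++)
        if (check_frame(&fs[i], code, nc) != INV_OK) bad++;
    return bad;
}

/* Constructed sample data: two code regions and three observations. */
static const region_t SAMPLE_CODE[] = {
    {0x400000, 0x401000}, {0x7f0000000000, 0x7f0000200000} };
static const frame_obs_t SAMPLE_FRAMES[] = {
    {0x400a10,   0x7ffd1000, 0x7ffd1000},   /* both invariants hold */
    {0x7ffd1040, 0x7ffd1000, 0x7ffd1000},   /* return address points into the stack */
    {0x400a10,   0x7ffd1000, 0x7ffd0f00} }; /* frame pointer changed during the call */

int main(void) {
    printf("%zu of 3 frames violate an invariant\n",
           count_violations(SAMPLE_FRAMES, 3, SAMPLE_CODE, 2));
    return 0;
}
```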
Invariants are of special interest when it comes to security debugging, vulnerability
identification, integrity verification, and understanding program control flow. If one
or more invariants of a program do not hold, they are said to be
violated, and this indicates an anomaly in application behavior. An attack could be the rea-
Reference the current page of this Thesis.
Tarigopula, Mohan Krishna. Integrity Verification of Applications on RADIUM Architecture, thesis, August 2015; Denton, Texas. (https://digital.library.unt.edu/ark:/67531/metadc804915/m1/17/: accessed July 17, 2024), University of North Texas Libraries, UNT Digital Library, https://digital.library.unt.edu.