Witt, Michael [Author]; male [Contributor]; Wunder, Gerhard [Contributor]; Fritschek, Rick [Contributor]; Margraf, Marian [Contributor]; Krefting, Dagmar [Contributor]
Generation of Secure Runtime Environments for Untrusted Applications Through Machine Code Analysis ; Generierung von sicheren Ausführungsumgebungen für nicht vertrauenswürdige Anwendungen mittels Maschinencode-Analyse
Media type:
Doctoral Thesis;
Electronic Thesis;
E-Book
Title:
Generation of Secure Runtime Environments for Untrusted Applications Through Machine Code Analysis ; Generierung von sicheren Ausführungsumgebungen für nicht vertrauenswürdige Anwendungen mittels Maschinencode-Analyse
Contributor:
Witt, Michael
[Author]
Published:
Freie Universität Berlin: Refubium (FU Berlin), 2021
Footnote:
This data source also contains holdings records that do not lead to a full text.
Description:
Infrastructure providers rely on the execution of third-party applications to offer their platforms to customers and researchers. Executing each application without a preceding security review poses a risk for the system and the overall IT infrastructure. However, if the unreviewed application is available for execution, it is also available for an analysis to generate appropriate countermeasures to prevent unwanted behaviour. This work investigates the capabilities of an automated secure environment. This environment is generated based on the analysis of applications that are only available in their machine code format. The analysis focuses on the interaction of the application with the operating system through the system call interface. Therefore, this work describes the technologies and mechanisms required to collect data, process it and generate rules for a secure environment to protect assets from attacks. This process and the resulting environment are tested with real-world applications and attacks to determine their effectiveness and overall costs. It is shown that the described solution is able to decrease the rate of successful attacks against the system from 83% to 9% in selected use-cases. This is achieved with an execution overhead of 823 ms on average. These results demonstrate that it is possible to utilise automatic software analysis pipelines to build restricted execution environments for pre-compiled applications. They also highlight the advantages and limitations of the selected approach of focusing the analysis on the system call interface. ; Operators of data centres and IaaS systems execute a large number of applications of differing origin from customers and researchers. Executing these applications is necessary to provide the offered service, but can cause considerable damage to the system or the entire infrastructure if it takes place without a prior security review.
However, since the application must be present on the system in order to be executed, ...