dc.contributor.advisor: Speakman, Lee
dc.contributor.advisor: Eze, Thaddeus
dc.contributor.advisor: John, Nigel
dc.contributor.author: Oyinloye, Toyosi A.
dc.date.accessioned: 2024-02-08T13:46:07Z
dc.date.available: 2024-02-08T13:46:07Z
dc.date.issued: 2023-08
dc.identifier: https://chesterrep.openrepository.com/bitstream/handle/10034/628480/Enhancing%20Software%20Protection%20via%20Inter-Process%20Control%20Flow%20Integrity.pdf?sequence=1
dc.identifier.citation: Oyinloye, Toyosi A. (2023). Software Exploitation and Software Protection Measures Enhancing Software Protection via Inter-Process Control Flow Integrity [Unpublished doctoral thesis]. University of Chester. [en_US]
dc.identifier.uri: http://hdl.handle.net/10034/628480
dc.description.abstract: Computer technologies hinge on the effective functionality of the software component. Unfortunately, software code may have flaws that cause them to be vulnerable and exploitable by attackers. Software exploitation could involve a hijack of the application and deviation of the flow of its execution. Whenever this occurs, the integrity of the software and the underlying system could be compromised. For this reason, there is a need to continually develop resilient software protection tools and techniques. This report details an in-depth study of software exploitation and software protection measures. Efforts in the research were geared towards finding new protection tools for vulnerable software. The main focus of the study is on the problem of Control Flow Hijacks (CFH) against vulnerable software, particularly for software that was built and executed on the RISC-V architecture. Threat models that were addressed are buffer overflow, stack overflow, return-to-libc, and Return Oriented Programming (ROP). Whilst the primary focus for developing the new protection was on RISC-V-based binaries, programs that were built on the more widespread x86 architecture were also explored comparatively in the course of this study. The concept of Control Flow Integrity (CFI) was explored in the study and a proof-of-concept for mitigating ROP attacks that result in Denial of Service is presented. The concept of CFI involves the enforcement of the intended flow of execution of a vulnerable program. The novel protection is based on the CFI concept combined with Inter-process signalling (named Inter-Process Control Flow Integrity (IP-CFI)). This technique is orthogonal to well-practised software maintenance such as patching/updates and is complementary to it providing integrity regardless of exploitation path/vector.
In evaluating the tool, it was applied to vulnerable programs and found to promptly identify deviations in vulnerable programs when ROP attacks lead to DoS with an average runtime overhead of 0.95%. The system on which the software is embedded is also protected as a result of the watchdog in the IP-CFI where this kind of attack would have progressed unnoticed. Unlike previous CFI models, IP-CFI extends protection outside the vulnerable program by setting up a mutual collaboration between the protected program and a newly written monitoring program. Products derived in this study are software tools in the form of various Linux scripts that can be used to automate several functionalities, two RISC-V ROP gadget finders (RETGadgets & JALRGadget), and the software protection tool IP-CFI. In this report, software is also referred to as binary, executable, application, program or process. [en_US]
dc.language.iso: en [en_US]
dc.publisher: University of Chester [en_US]
dc.rights: Attribution-NonCommercial-NoDerivatives 4.0 International [*]
dc.rights.uri: http://creativecommons.org/licenses/by-nc-nd/4.0/ [*]
dc.subject: Software exploitation [en_US]
dc.subject: Software protection tools [en_US]
dc.subject: Control Flow Hijacks (CFH) [en_US]
dc.title: Software Exploitation and Software Protection Measures Enhancing Software Protection via Inter-Process Control Flow Integrity [en_US]
dc.type: Thesis or dissertation [en_US]
dc.rights.embargodate: 2024-02-13
dc.type.qualificationname: PhD [en_US]
dc.rights.embargoreason: Awaiting Awards Board [en_US]
dc.type.qualificationlevel: Doctoral [en_US]
dc.rights.usage: The full-text may be used and/or reproduced in any format or medium, without prior permission or charge, for personal research or study, educational, or not-for-profit purposes provided that:
- A full bibliographic reference is made to the original source
- A link is made to the metadata record in ChesterRep
- The full-text is not changed in any way
- The full-text must not be sold in any format or medium without the formal permission of the copyright holders.
- For more information please email researchsupport.lis@chester.ac.uk [en_US]


Files in this item

Name: Enhancing Software Protection ...
Size: 6.050Mb
Format: PDF
Request: Thesis

Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivatives 4.0 International