Loading...
|
Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/119720
|
| Title: | 物聯網應用程式之資訊洩漏評估
Information leakage estimation of IoT applications |
| Authors: | 方元廷
Fang, Yuan-Ting |
| Contributors: | 郁方
Fang, Yu
方元廷
Fang, Yuan-Ting |
| Keywords: | 物聯網
資訊洩漏
符號執行
Python
旁通道攻擊 |
| Date: | 2018 |
| Issue Date: | 2018-08-29 15:48:31 (UTC+8) |
| Abstract: | 隨著硬體的速度與價格高速的進步之下,物聯網已經逐漸成為我們生活中的一部分。為了避免物聯網應用程式遭到濫用,我們時常可以在程式中看到驗證相關的功能。然而若是這些驗證功能會於程式執行時產生資訊洩漏的情況,將會是對系統驗證機制的一大威脅,同時也為有心人士打開一道後門。旁通道攻擊即為一種藉由觀測程式的執行來取得程式內部資訊的方法。
本篇文章提出了指令層級的方法去評估物聯網應用程式的資訊洩漏情形。首先我們將Python之操作碼轉成控制流程圖,在依照控制流程圖上的順序,依照深度優先原則來符號化執行指令,最終產生路徑條件與指令組,並將指令組視為觀測值。最後,我們依據觀測值的異同,利用Automata Based model Counter來估算路徑發生的次數,並計算其發生機率。而利用這些機率,我們可以求出shannon entropy,並以此數據評估此程式之資訊洩漏情形。
With rapidly growing cheaper and faster devices and connections, the Internet
of Things (IoT) techniques gradually become ubiquitous and soon to be a part of
our lives. In order to prevent IoT applications from being abused, it is often to see
authentication functionality in programs. However, if these programs leak secrets
during execution, it may damage the authentication mechanism and thus opens a
backdoor for people with malicious intentions. Side channel attack that observes
execution differences is a way to get the secret behind programs.
This paper presents an instruction-level technique to estimate information leakage
of IoT applications. To facilitate analysis on IoT applications, we first parse
python opcodes to construct the control flow graph (CFG), and symbolically execute
this code by traversing the CFG with depth first strategy to generate path
constraints and their instruction sets as observables. Finally we make use of the
Automata Based model Counter (ABC) to perform model counting for each observable
of path execution. Calculating shannon entropy with the probabilities of path
executions enables us to evaluate information leakage of target programs. |
| Reference: | [1] J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of things (iot): A
vision, architectural elements, and future directions,” Future generation computer
systems, vol. 29, no. 7, pp. 1645–1660, 2013.
[2] I. Lee and K. Lee, “The internet of things (iot): Applications, investments, and
challenges for enterprises,” Business Horizons, vol. 58, no. 4, pp. 431–440, 2015.
[3] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash, “Internet
of things: A survey on enabling technologies, protocols, and applications,” IEEE
Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2347–2376, 2015.
[4] A. Kamilaris, F. Gao, F. X. Prenafeta-Boldú, and M. I. Ali, “Agri-iot: A semantic
framework for internet of things-enabled smart farming applications,” in Internet of
Things (WF-IoT), 2016 IEEE 3rd World Forum on, pp. 442–447, IEEE, 2016.
[5] P. A. Laplante and N. Laplante, “The internet of things in healthcare: Potential
applications and challenges,” IT Professional, vol. 18, no. 3, pp. 2–4, 2016.
[6] Y. Jie, J. Y. Pei, L. Jun, G. Yun, and X. Wei, “Smart home system based on iot
technologies,” in Computational and Information Sciences (ICCIS), 2013 Fifth International
Conference on, pp. 1789–1791, IEEE, 2013.
[7] S. Kalra and S. K. Sood, “Secure authentication scheme for iot and cloud servers,”
Pervasive and Mobile Computing, vol. 24, pp. 210–223, 2015.
[8] E. Brier and M. Joye, “Weierstraß elliptic curves and side-channel attacks,” in International
Workshop on Public Key Cryptography, pp. 335–345, Springer, 2002.
[9] W. Schindler, K. Lemke, and C. Paar, “A stochastic model for differential side channel
cryptanalysis,” in International Workshop on Cryptographic Hardware and Embedded
Systems, pp. 30–46, Springer, 2005.
[10] Y. Zhang, “Cache side channels: State of the art and research opportunities,” in Proceedings
of the 2017 ACM SIGSAC Conference on Computer and Communications
Security - CCS 17, 2017.
[11] J. Chen, Y. Feng, and I. Dillig, “Precise detection of side-channel vulnerabilities
using quantitative cartesian hoare logic,” in Proceedings of the 2017 ACM SIGSAC
Conference on Computer and Communications Security - CCS 17, 2017.
[12] C. S. Pasareanu, Q.-S. Phan, and P. Malacaria, “Multi-run side-channel analysis using
symbolic execution and max-smt,” in Computer Security Foundations Symposium
(CSF), 2016 IEEE 29th, pp. 387–400, IEEE, 2016.
[13] P. C. Kocher, “Timing attacks on implementations of diffie-hellman, rsa, dss,
and other systems,” in Annual International Cryptology Conference, pp. 104–113,
Springer, 1996.
[14] Z. Tao, F. Ming-Yu, and F. Bo, “Side-channel attack on biometric cryptosystem
based on keystroke dynamics,” in Data, Privacy, and E-Commerce, 2007. ISDPE
2007. The First International Symposium on, pp. 221–223, IEEE, 2007.
[15] K. Suzaki, K. Iijima, T. Yagi, and C. Artho, “Software side channel attack on memory
deduplication,” in ACM Symposium on Operating Systems Principles (SOSP 2011),
Poster session, 2011.
[16] N. J. Al Fardan and K. G. Paterson, “Lucky thirteen: Breaking the tls and dtls record
protocols,” in Security and Privacy (SP), 2013 IEEE Symposium on, pp. 526–540,
IEEE, 2013.
[17] Q.-S. Phan, L. Bang, C. S. Pasareanu, P. Malacaria, and T. Bultan, “Synthesis
of adaptive side-channel attacks,” in Computer Security Foundations Symposium
(CSF), 2017 IEEE 30th, pp. 328–342, IEEE, 2017.
[18] J. Newsome and D. Song, “Dynamic taint analysis for automatic detection, analysis,
and signature generation of exploits on commodity software,” 2005
[19] A. Aggarwal and P. Jalote, “Integrating static and dynamic analysis for detecting
vulnerabilities,” in Computer Software and Applications Conference, 2006. COMPSAC’
06. 30th Annual International, vol. 1, pp. 343–350, IEEE, 2006.
[20] P. Godefroid, N. Klarlund, and K. Sen, “Dart: directed automated random testing,”
in ACM Sigplan Notices, vol. 40, pp. 213–223, ACM, 2005.
[21] N. Jovanovic, C. Kruegel, and E. Kirda, “Pixy: A static analysis tool for detecting
web application vulnerabilities,” in Security and Privacy, 2006 IEEE Symposium on,
pp. 6–pp, IEEE, 2006.
[22] J. C. King, “Symbolic execution and program testing,” Communications of the ACM,
vol. 19, no. 7, pp. 385–394, 1976.
[23] W. Visser, C. S. Pˇasˇareanu, and S. Khurshid, “Test input generation with java
pathfinder,” ACM SIGSOFT Software Engineering Notes, vol. 29, no. 4, pp. 97–107,
2004.
[24] T. Xie, D. Marinov, W. Schulte, and D. Notkin, “Symstra: A framework for generating
object-oriented unit tests using symbolic execution,” in International Conference
on Tools and Algorithms for the Construction and Analysis of Systems, pp. 365–381,
Springer, 2005.
[25] C. S. Pasareanu, M. B. Dwyer, and W. Visser, “Finding feasible counter-examples
when model checking abstracted java programs,” in International Conference on
Tools and Algorithms for the Construction and Analysis of Systems, pp. 284–298,
Springer, 2001.
[26] C. Csallner and Y. Smaragdakis, “Check’n’crash: combining static checking and testing,”
in Proceedings of the 27th international conference on Software engineering,
pp. 422–431, ACM, 2005.
[27] C. S. Pasareanu, W. Visser, D. Bushnell, J. Geldenhuys, P. Mehlitz, and N. Rungta,
“Symbolic pathfinder: integrating symbolic execution with model checking for java bytecode analysis,” Automated Software Engineering, vol. 20, no. 3, pp. 391–425,
2013.
[28] C. Cadar, D. Dunbar, D. R. Engler, et al., “Klee: Unassisted and automatic generation
of high-coverage tests for complex systems programs.,” in OSDI, vol. 8, pp. 209–
224, 2008.
[29] K. Sen, D. Marinov, and G. Agha, “Cute: a concolic unit testing engine for c,” in
ACM SIGSOFT Software Engineering Notes, vol. 30, pp. 263–272, ACM, 2005.
[30] S. Mechtaev, J. Yi, and A. Roychoudhury, “Angelix: Scalable multiline program patch
synthesis via symbolic analysis,” in Software Engineering (ICSE), 2016 IEEE/ACM
38th International Conference on, pp. 691–701, IEEE, 2016.
[31] L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, “Making smart contracts
smarter,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and
Communications Security, CCS ’16, (New York, NY, USA), pp. 254–269, ACM,
2016.
[32] 0vercl0k, “stuffz/python’s internals.” https://github.com/0vercl0k/stuffz, 2013.
[33] C. Barrett, A. Stump, C. Tinelli, et al., “The smt-lib standard: Version 2.0,” in Proceedings
of the 8th International Workshop on Satisfiability Modulo Theories (Edinburgh,
England), vol. 13, p. 14, 2010.
[34] A. Aydin, L. Bang, and T. Bultan, “Automata-based model counting for string constraints,”
in International Conference on Computer Aided Verification, pp. 255–272,
Springer, 2015. |
| Description: | 碩士
國立政治大學
資訊管理學系
105356018 |
| Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0105356018 |
| Data Type: | thesis |
| DOI: | 10.6814/THE.NCCU.MIS.021.2018.A05 |
| Appears in Collections: | [資訊管理學系] 學位論文
|
Files in This Item:
| File |
Size | Format | |
|---|
| 601801.pdf | 1140Kb | Adobe PDF2 | 2 | View/Open |
|
All items in 政大典藏 are protected by copyright, with all rights reserved.
|
