Details

Preverjanje celovitosti kontrolnega pretoka
ID Štrosar Grmek, Loris (Author), ID Mihelič, Jurij (Mentor) More about this mentor... This link opens in a new window

.pdfPDF - Presentation file, Download (1,18 MB)
MD5: C38C58F4A2A3366600051A5D1331897F

Abstract
Magistrska naloga obravnava zagotavljanje celovitosti kontrolnega toka programov. Napadi, kot je vrnitveno usmerjeno programiranje, izkoriščajo pomnilniške ranljivosti in napadalcu omogočajo prevzem nadzora nad izvajanjem programa. V nalogi razvijemo sistem za preverjanje, s katerim ugotovimo, ali se je program izvedel tako, kot je bil načrtovan. Predelamo simulator Spike za arhitekturo RISC-V, da omogoča spremljanje programa med izvajanjem. Pri tem beležimo vsako spremembo kontrolnega toka z veriženjem zgoščenih vrednosti, s čimer na koncu ustvarimo atest o izvajanju. Možne poti programa določimo s statično analizo, pri kateri iz strojne kode programa zgradimo graf kontrolnega toka in ga analiziramo. Tako pridobimo vse možne poti programa in njihove ustrezne zgoščene vrednosti. Atest preverimo s pričakovanimi vrednostmi in ugotovimo morebitno kršitev celovitosti. Sistem smo preverili z naborom programov in izvedbo napada z vrnitveno usmerjenim programiranjem nad ranljivim programom, ki ga sistem pravilno zazna.

Language:Slovenian
Keywords:kontrolni tok, graf kontrolnega toka, celovitost kontrolnega toka, atestiranje kontrolnega toka, vrnitveno usmerjeno programiranje
Work type:Master's thesis/paper
Typology:2.09 - Master's Thesis
Organization:FRI - Faculty of Computer and Information Science
Year:2025
PID:20.500.12556/RUL-176723 This link opens in a new window
COBISS.SI-ID:262684675 This link opens in a new window
Publication date in RUL:10.12.2025
Views:287
Downloads:83
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Verification of control-flow integrity
Abstract:
The master's thesis addresses the assurance of control flow integrity in programs. Attacks such as return-oriented programming exploit memory vulnerabilities, allowing an attacker to hijack a program's execution. We developed a verification system to determine whether a program has executed as intended. We modified the Spike simulator for the RISC-V architecture to enable program execution monitoring. This involves logging every control flow change by chaining hash values, ultimately generating an execution claim. The program's possible paths are determined through static analysis, where we construct and analyse a control flow graph from the program's machine code. This process yields all possible program paths and their corresponding hash values. The claim is then verified against the expected values to detect any potential integrity violations. We evaluated the system using a set of programs and by performing a return-oriented programming attack on a vulnerable program. The system correctly detected the attack.

Keywords:control flow, control flow graph, control flow integrity, control flow attestation, return-oriented programming

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back