Title :
Using Control-Flow Techniques in a Security Context: A Survey on Common Prototypes and Their Common Weakness
Author_Institution :
Dept. of Secure Services, Center for Adv. Security Res. Darmstadt (CASED), Darmstadt, Germany
Abstract :
Practical approaches using control-flow techniques in order to detect changes in the control-flow of a program have been subject of many scientific works. This work focuses on three common tools making use of control- and data-flow analysis in order to detect alternations and reveals their common weakness in terms of the ability to react directly to a dynamic change in control-flow. With a general focus on static analysis of binaries or source code, detection of dynamic changes in the executive flow cannot be detected. In order to emphasize this shortcoming of static analysis, we present an approach for dynamically changing a program´s control-flow and validate it by depicting a proof of concept.
Keywords :
data flow analysis; data-flow analysis; program control-flow techniques; security context; source code; static analysis; Computers; Context; Libraries; Malware; Prototypes; Software; Control-Flow Analysis; Control-Flow Attack; Host Intrusion Detection; Late Binding;
Conference_Titel :
Network Computing and Information Security (NCIS), 2011 International Conference on
Conference_Location :
Guilin
Print_ISBN :
978-1-61284-347-6
DOI :
10.1109/NCIS.2011.126
