Master Praktikum - Software Integrity Protection (IN2106, IN4213)
Mater Praktikum - Software Integrity Protection (IN2106, IN4213)

Lehrveranstaltung 0000003207 im SS 2017

Basisdaten

LV-Art	Praktikum
Umfang	6 SWS
betreuende Organisation	Informatik 4 - Lehrstuhl für Software & Systems Engineering (Prof. Pretschner)
Dozent(inn)en	Leitung/Koordination: Alexander Pretschner
Termine

Zuordnung zu Modulen

IN2106: Master-Praktikum / Advanced Practical Course
Dieses Modul ist in den folgenden Katalogen enthalten:
- weitere Module aus anderen Fachrichtungen

weitere Informationen

Lehrveranstaltungen sind neben Prüfungen Bausteine von Modulen. Beachten Sie daher, dass Sie Informationen zu den Lehrinhalten und insbesondere zu Prüfungs- und Studienleistungen in der Regel nur auf Modulebene erhalten können (siehe Abschnitt "Zuordnung zu Modulen" oben).

ergänzende Hinweise	Software systems are subject to Man-At-The-End attacks. MATE attackers have control over the system on which the software is running, and thus they can manipulate both the software itself and its runtime environment for their own benefits. Attackers motive includes but not limited to: illegal usage of a software by bypassing license checks, accessing proprietary data, cheating in games or extracting confidential information (e.g. encryption keys) in an application. In this lab course, students will learn about different protection measures, their cons and pros and finally implement a selected set of techniques. Module 0: Introduction and Motivation Software protection scenarios Attack tree Man-at-the-End vs. network attacker Overview of the attacks Disassembly Decompilation Debugging Symbolic / Concolic Execution Overview of the defense (integrity protection) techniques: introspection, state inspection, layered and remote protection. Module 1: Protection Process & LLVM Check() and Response() paradigm Overview of protection process & code transformation Post-compile, pre-compile, compile-time, load time and runtime transformations Granularity of protection: function, basic block, instruction, slice, control flow LLVM compiler infrastructure & passes Module 2: Introspection self-checksumming Check() and Response() paradigm Self-checking and self-checksumming Network of checkers and cyclic checks Stealth analysis Attacks: memory split and taint analysis Module 3: Introspection self-encrypting Key derivation and Block-chain Whitebox cryptography Process level virtualization Stealth analysis Attacks: memory dump and key extraction Module 4: State inspection Trace authentication Environmental states Oblivious hashing Stealth analysis Attacks: time-of-check vs. time-of-use Module 5: Intel SGX Running software on untrusted commodity Runtime integrity Trusted and untrusted program domains Enclaves Local attestation Remote attestation Limitations
Links	E-Learning-Kurs (z. B. Moodle) TUMonline-Eintrag

ergänzende Hinweise

Software systems are subject to Man-At-The-End attacks. MATE attackers have control over the system on which the software is running, and thus they can manipulate both the software itself and its runtime environment for their own benefits. Attackers motive includes but not limited to: illegal usage of a software by bypassing license checks, accessing proprietary data, cheating in games or extracting confidential information (e.g. encryption keys) in an application. In this lab course, students will learn about different protection measures, their cons and pros and finally implement a selected set of techniques. Module 0: Introduction and Motivation Software protection scenarios Attack tree Man-at-the-End vs. network attacker Overview of the attacks Disassembly Decompilation Debugging Symbolic / Concolic Execution Overview of the defense (integrity protection) techniques: introspection, state inspection, layered and remote protection. Module 1: Protection Process & LLVM Check() and Response() paradigm Overview of protection process & code transformation Post-compile, pre-compile, compile-time, load time and runtime transformations Granularity of protection: function, basic block, instruction, slice, control flow LLVM compiler infrastructure & passes Module 2: Introspection self-checksumming Check() and Response() paradigm Self-checking and self-checksumming Network of checkers and cyclic checks Stealth analysis Attacks: memory split and taint analysis Module 3: Introspection self-encrypting Key derivation and Block-chain Whitebox cryptography Process level virtualization Stealth analysis Attacks: memory dump and key extraction Module 4: State inspection Trace authentication Environmental states Oblivious hashing Stealth analysis Attacks: time-of-check vs. time-of-use Module 5: Intel SGX Running software on untrusted commodity Runtime integrity Trusted and untrusted program domains Enclaves Local attestation Remote attestation Limitations

Links

E-Learning-Kurs (z. B. Moodle)
TUMonline-Eintrag

Master Praktikum - Software Integrity Protection (IN2106, IN4213)Mater Praktikum - Software Integrity Protection (IN2106, IN4213)

Lehrveranstaltung 0000003207 im SS 2017

Basisdaten

Zuordnung zu Modulen

weitere Informationen

Master Praktikum - Software Integrity Protection (IN2106, IN4213)
Mater Praktikum - Software Integrity Protection (IN2106, IN4213)