携带证明代码中的奇怪机器

2014 IEEE Security and Privacy Workshops Pub Date : 2014-05-17 DOI:10.1109/SPW.2014.37

Julien Vanegue

{"title":"携带证明代码中的奇怪机器","authors":"Julien Vanegue","doi":"10.1109/SPW.2014.37","DOIUrl":null,"url":null,"abstract":"We review different attack vectors on Proof-Carrying Code (PCC) related to policy, memory model, machine abstraction, and formal system. We capture the notion of weird machines in PCC to formalize the shadow execution arising in programs when their proofs do not sufficiently capture and disallow the execution of untrusted computations. We suggest a few ideas to improve existing PCC systems so they are more resilient to memory attacks.","PeriodicalId":142224,"journal":{"name":"2014 IEEE Security and Privacy Workshops","volume":"2010 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"The Weird Machines in Proof-Carrying Code\",\"authors\":\"Julien Vanegue\",\"doi\":\"10.1109/SPW.2014.37\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We review different attack vectors on Proof-Carrying Code (PCC) related to policy, memory model, machine abstraction, and formal system. We capture the notion of weird machines in PCC to formalize the shadow execution arising in programs when their proofs do not sufficiently capture and disallow the execution of untrusted computations. We suggest a few ideas to improve existing PCC systems so they are more resilient to memory attacks.\",\"PeriodicalId\":142224,\"journal\":{\"name\":\"2014 IEEE Security and Privacy Workshops\",\"volume\":\"2010 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-05-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE Security and Privacy Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SPW.2014.37\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Security and Privacy Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2014.37","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

摘要

本文从策略、内存模型、机器抽象和形式化系统等方面综述了PCC的不同攻击向量。我们在PCC中捕获了奇怪机器的概念，以形式化程序中出现的影子执行，当它们的证明不能充分捕获和禁止执行不可信的计算时。我们提出了一些改进现有PCC系统的想法，使它们对内存攻击更有弹性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

The Weird Machines in Proof-Carrying Code

We review different attack vectors on Proof-Carrying Code (PCC) related to policy, memory model, machine abstraction, and formal system. We capture the notion of weird machines in PCC to formalize the shadow execution arising in programs when their proofs do not sufficiently capture and disallow the execution of untrusted computations. We suggest a few ideas to improve existing PCC systems so they are more resilient to memory attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 IEEE Security and Privacy Workshops

自引率

0.00%

发文量

期刊最新文献

Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits Detecting Unknown Insider Threat Scenarios Can We Identify NAT Behavior by Analyzing Traffic Flows? A Case Study in Malware Research Ethics Education: When Teaching Bad is Good Resilience as a New Enforcement Model for IT Security Based on Usage Control