Course Presentation

Presenter Course title
Christian Collberg Introduction to Software Protection
Brecht Wyseur White-box Cryptography
Bart Preneel Hardware Security
Lorenzo Cavallaro Hands on with Software Protection
K.P. Chow Forensics/legal
Somesh Jha Malware Detection (Trends and Future)

Christian Collberg (University of Arizona, USA)

Course title:
Introduction to Software Protection

Abstract:
Software protection is the branch of computer security that studies techniques for protecting secrets contained in computer programs from being discovered, modified, or redistributed. In this introductory lecture we will show how an adversary can study a program under their control (using disassemblers, decompilers, etc.) in order to extract proprietary information or modify the program, for example in order to bypass a license check. We will discuss important basic software protection algorithms for obfuscation, tamperproofing, and software watermarking, as well as basic reverse engineering techniques for attacking such protections.

Brecht Wyseur (Nagravision, Switzerland)

Course title:
White-box Cryptography

Abstract:
Software applications often rely on cryptographic algorithms to protect a given service that they support. Think of banking applications, DRM applications, cloud storage services, secure email and teleconferencing, games. Many of these examples will suffer severe consequences when secret key information leaks from the software application. This lecture will explore the challenges of mitigating such information leakage in use-cases where the software is executed on platforms that are completely under control of malicious users. This is the research field that is denoted as white-box cryptography. After an introduction on the threats and some examples, the audience will be guided through the state of the art in white-box cryptography, and we will discuss some challenges and opportunities.

Bart Preneel (Katholieke Universiteit Leuven, Belgium)

Course title:
Hardware Security

Abstract:
This lecture discusses how hardware can help to enhance security. We discuss hardware mechanisms such as secure boot, secure memory, cryptographic coprocessors and explain the principles behind TPMs (Trusted Platform Modules) and ARM TrustZone?. We also discuss how PUFs (Physical Uncloneable Functions) can enhance security. Finally we discuss how cryptographic hardware can be vulnerable to physical attacks (side channel analysis, probing and fault injection) and how one can defend against these attacks.

Lorenzo Cavallaro (Royal Holloway, University of London, UK)

Course title:
Hands on with Software Protection

Abstract:
Memory error exploitations have been around for over 25 years and still rank among the top 3 most dangerous software errors. Why haven't we been able to stop them? Given the host of security measures on modern machines, are we less vulnerable than before, and can we expect to eradicate memory error problems in the near future? This talk will present attacks, defenses, and statistics. A historical overview provides insight in past trends and developments, while an investigation of real-world vulnerabilities and exploits allows us to speculate on the significance of memory errors in the foreseeable future.

K.P. Chow (The University of Hong Kong, China)

Course title:
Forensics/legal

Abstract:
Computer program infringing materials are difficult to identify. There are common techniques to disguise the origin of copied codes. In order to decide on a legal basis whether a substantial part of copyright work has been taken, it is necessary to consider both the quality and quantity of the part taken. In this session, the speaker will discuss the copyright laws that are related to software, and also discuss various researches and techniques have carried out in relation to authorship identification and plagiarism identification. We shall also illustrate various techniques using different case studies, from binary executable files comparison to source code comparison.

Somesh Jha (University of Wisconsin-Madison, USA)

Course title:
Malware Detection (Trends and Future)

Abstract:
We will review the threat landscape and current solutions for detecting malware and discuss the fundamental reason why the severity of threats from malware seems to be getting worse. We believe that the fundamental reason is that writing a complex but secure program is a near-impossible task for a conventional operating system. If an attacker compromises any module of a trusted program running on such a system, then the attacker can perform arbitrary operations on the system. However, if a program runs on a privilege-aware operating system, then the program can invoke system calls to explicitly manage the privileges of its modules, and thus minimize the abilities of an attacker. The developers of privilege-aware systems have rewritten complex programs to invoke such system calls to satisfy strong security properties. However, such systems have not been adopted by developers outside the development community of each system. Moreover, even the systems' own developers often write programs for their system that they believe to be correct, only to realize later through testing that the rewritten program is insecure or does not demonstrate desired functionality of the original program.
    We will examine the challenges in rewriting programs for privilege-aware systems, and present a tool, called a policy weaver, that rewrites programs for such systems automatically. Our policy weaver takes as input a program written for a conventional system and a small and declarative policy (i.e., a regular expression describing allowed program executions). The weaver outputs a version of the program that invokes system calls so that it satisfies the policy. The weaver reduces each rewriting problem to finding a correct strategy to a two-player automata-theoretic safety game. We describe our experience developing a policy weaver for the Capsicum privilege-aware operating system (now included in FreeBSD 9.0), and describe how a policy weaver for an arbitrary privilege-aware system can be constructed automatically by providing a declarative model of the system to a policy-weaver generator. We will provide examples to illustrate this new technique.