0000000000983202
AUTHOR
Nezer Zaidenberg
Creating modern blue pills and red pills
The blue pill is a malicious stealthy hypervisor-based rootkit. The red pill is a software package that is designed to detect such blue pills. Since the blue pill was originally proposed there has been an ongoing arms race between developers that try to develop stealthy hypervisors and developers that try to detect such stealthy hypervisors. Furthermore, hardware advances have made several stealth attempts impossible while other advances enable even more stealthy operation. In this paper we describe the current status of detecting stealth hypervisors and methods to counter them. peerReviewed
Using Hypervisors to Overcome Structured Exception Handler Attacks
Microsoft windows is a family of client and server operating systems that needs no introduction. Microsoft windows operating system family has a feature to handle exceptions by storing in the stack the address of an exception handler. This feature of Microsoft Windows operating system family is called SEH (Structured exception handlers). When using SEH the exception handler address is specifically located on the stack like the function return address. When an exception occurs the address acts as a trampoline and the EIP jumps to the SEH address. By overwriting the stack one can create a unique type of return oriented programming (ROP) exploit that force the instruction pointer to jump to a …
Efficient remote authentication
In 2003, Kennel and Jamieson described a method of remote machine authentication. By authentication, the authors meant that the remote machine is non-virtual, and the operating system on the remote machine is not malicious. The described method does not consider the variety of versions of each operating system. The description completely ignores the existence of modules that can be plugged into the operating system. The authors of this paper adapt the method described by Kennel and Jamieson to the real world so that itcan be applied without prior knowledge of theoperating system or the modules on the remote machine. peerReviewed
Online expression and spending on personal cybersecurity
The Internet is used increasingly as a platform both for free expression and e-commerce. Internet users have a variety of attitudes towards the security and privacy risks involved with using the Internet; and distinct concerns and behaviors with regard to expressing themselves online. Users may have controversial viewpoints that they may express online in various ways. Controversial viewpoints or artwork by their nature may not be as well received as positive or polite expressions. In the online environment, users with controversial viewpoints may be reluctant to express the viewpoints due to concern about possible consequences resulting from the expressions. Consequences may be imposed by …
System for Executing Encrypted Native Programs
An important aspect of protecting software from attack, theft of algorithms, or illegal software use, is eliminating the possibility of performing reverse engineering. One common method to deal with these issues is code obfuscation. However, in most case it was shown to be ineffective. Code encryption is a much more effective means of defying reverse engineering, but it requires managing a secret key available to none but the permissible users. The authors propose a new and innovative solution. Critical functions in protected software are encrypted using well-known encryption algorithms. Following verification by external attestation, a thin hypervisor is used as the basis of an eco-system …
Does time spent on device security and privacy inhibit online expression?
Freedom of expression is a recognized human right. More recently, the UN has resolved that unrestricted access to the Internet is also a human right. A commonly accepted benefit of the Internet is that it serves as a platform for free expression. Usage of the Internet for free expression can be a way of circumventing censorship or other hindrances that prevent citizens' freedom of expression in more traditional publishing media. However, the Internet has unique security and privacy risks that may affect users' attitudes toward expressing themselves online. In the online environment, users with controversial viewpoints may be reluctant to express the viewpoints due to concern about possible …
Arm security alternatives
Many real-world scenarios such as protecting DRM, online payments and usage in NFC payments in embedded devices require a trustworthy “trusted execution environment” (TEE) platform. The TEE should run on the ARM architecture. That is popular in embedded devices. Furthermore, past experience has proved that such TEE platform should be available in source code form. Without the source code 3rd parties and user cannot be conducted code review audit. Lack of review put doubt on the system as a trustworthy environment. The popular Android OS supports various TEE implementations. Each TEE OS implementation has its own unique way of deploying trusted applications(trustlets) and its own distinct fe…