We live in an age of software problems with catastrophic consequences. An extra goto in Apple’s SSL implementation compromised certificate checks for the better part of a year. An erroneous integer conversion in the Ariane 5 launch destroyed the European Space Agency rocket and its cargo valued at 500 million dollars. Often the problem is just a few lines of code and looking for it is like searching for a needle in a haystack, but without knowing what a needle looks like. Moreover the problems are often so subtle that it is difficult to tell if the problem is intentionally malicious or an honest mistake. The traditional approach to bug and malware detection fails to detect novel attacks or discover new classes of bugs. To make matters worse, both problems can remain dormant and can easily evade testing. In this talk we critically explore the challenges involved in bug and malware detection. To explore concepts further we leverage a framework called JReFrameworker for manipulating the Java runtime environment to develop managed code rootkits.
Venue: Iowa State University Cybersecurity Seminar Series, Ames, Iowa, November 2016.
Author: Benjamin Holland