Protecting Software Execution by Dynamic Environment Hardening

This is a dissertation from Karlskrona : Blekinge Institute of Technology

Abstract: Software has an important role in many systems, in particular in critical systems where the correct function of the larger system is of utmost importance. Software malfunction, or software exploits, that allow other system components or an adversary to control the execution of software, can cause significant damage to the system, and hence to what is controlled by the system. Due to the complexity in, and construction of, modern software systems, it is not sufficient to only analyze software source, such as source code, trying to find vulnerabilities that might enable exploits when executing. Instead, software protection must be extended with methods that consider the actual software execution, typically by executing in parallel with the software, and that protect the software as it executes. By using such methods, we can detect unwanted execution and protect against many exploits where the underlying vulnerability is difficult or impossible to find using only pre-execution, or static, methods. In this thesis, we present a methodology and model for protecting software execution. We argue for the merits of dynamic methods, i.e., methods that consider the actual software execution, and we present a number of principles for how dynamic methods can be constructed. We also present three experiment systems that we have constructed, and show how the dynamic methods represented through these systems can be used to protect software execution and hence protect a system against exploits.
