MSc Thesis Defense: An Approach to Stack Overflow Counter-Measures Using Kernel Properties (6 September, 9:30 am, Johnson 103)
by Benjamin Teissier, Bishop's University
The computer security became recently a subject of general concern for the main public, for governments, and for private companies alike. Indeed, the latest news involving stuxnet, flame, and so many other viruses made clear to everybody that privilege escalation and security threats in general deserve a greater attention. The range of buffer overflow exploitations in particular is large, ranging from data leaks to taking over a complete computing system. These are all dangerous, and most of the time the possibilities of exploitation are only limited by the skills of the attacking hacker.
Our work contributes to this investigation by analyzing the hacking techniques for exploiting buffer overflows in order to understand the existing counter measures, and eventually find a more accurate way to prevent the exploitation of buffer overflows. Our working platform is the GNU/Linux family of operating systems. Our work is at the highest privilege levels and in the safest part of a GNU/Linux system, namely the kernel. We provide a system that allows the kernel to detect overflows and prevent their exploitation. Our system allows the kernel to inject at launch time some (minimal) code into the binary being run, and subsequently use this code to monitor the execution of that program with respect to its stack use, thus detecting stack overflows. The system stands alone in the sense that it does not need any hardware support; it also works on any program, no matter how that program was conceived or compiled. Beside the theoretical concepts we also present a proof-of-concept patch to the kernel supporting our idea. Overall we effectively show that guarding against buffer overflows at run time is not only possible but also feasible, and we also take the first steps toward implementing such a defense.
CS Seminar: The Generative Power and Closure Properties of Parallel Communicating Grammar Systems (15 February, 1:30 pm, Johnson 102)
by Mary Sarah Ruth Wilkin, Bishop's University
Formal grammars can be extended to explicitly model the notions of concurrency and parallelism. We examine one such an extension, namely the parallel communicating grammar system (PCGS) together with its different sub-types. We show how languages generated by a PCGS fall into the Chomsky hierarchy; however, we demonstrate that a PCGS can be far more powerful than a grammar of the same type. The available results related to the generative capacity and closure properties of the different types of PCGS are presented. We start with a discussion on the results for the most commonly studied subtypes, followed by results for the less common but arguably more interesting structural variations. We conclude with a presentation of open questions regarding the PCGS that we plan to examine moving forward. We plan to focus in particular on the existing contradiction surrounding the generative power of context-free PCGS, which were found to be either less powerful than context-sensitive grammars or Turing complete.
Undergraduate Capstone Open Source Projects
If you are interested in getting real experience building a substantial software system as part of a distributed team, you'll be interested in UCOSP!
UCOSP is a senior undergraduate course, which has been running since September 2008. In this course, teams of students from several schools work together on an open-source software project. Each student registers in the appropriate course at his or her home institution (in our case this course would be either CS 404 or CS 408) and works in tandem with their peers from across the country. During one intensive weekend early in the course, students travel to meet face-to-face and work together.
This course exposes students to the tools, working practices, and issues that are now routine in global software development. Just as importantly, it enables them to get to know their peers from across the country. UCOSP is sponsored by Canadian CS Department Chairs and several industrial partners.
If you are interested in being involved, please contact Dr. Stefan D Bruda, who is the faculty partner for UCOSP at Bishop's.