Blog: Good Code, Bad Computations: A Computer Security Gray Area

Good Code, Bad Computations: A Computer Security Gray Area
UCSD News (10/27/08) Kane, Daniel

University of California, San Diego (UCSD) graduate students Erik Buchanan and Ryan Roemer, building on previous research by UCSD professor Hovav Shacham, have demonstrated that the technique of building malicious programs from good code using return-oriented programming can be automated. They also demonstrated that this vulnerability applies to RISC computer architectures as well as the x86 architecture. Shacham has already described how return-oriented programming could be used to force computers with the x86 architecture to act maliciously without infecting the machines with new code. However, the attack required extensive manual construction and appeared to rely on a unique quirk in the x86 design. Buchanan and Roemer will present their work at ACM's Conference on Communications and Computer Security (CCS), which takes place Oct. 27-31 in Alexandria, Virginia. "Most computer security defenses are based on the notion that preventing the introduction of malicious code is sufficient to protect a computer," says UCSD professor Stefan Savage. "There is a subtle fallacy in the logic, however: simply keeping out bad code is not sufficient to keep out bad computation." Return-oriented programming starts with the attacker taking advantage of a programming error in the target system to overwrite the runtime stack and divert program execution away from the path intended by the system's designers. However, instead of injecting malicious code, this technique enables attackers to create any kind of malicious computation or program using existing code.

View Full Article