Protecting Functional Programs From Low-Level Attackers

Software systems are growing ever larger. Early software systems were singular units developed by small teams of programmers writing in the same programming language. Modern software systems, on the other hand, consist of numerous interoperating components written by different teams and in different...

Full description

Bibliographic Details
Main Author: Larmuseau, Adriaan
Format: Doctoral Thesis
Language:English
Published: Uppsala universitet, Avdelningen för datalogi 2016
Subjects:
Online Access:http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-281318
http://nbn-resolving.de/urn:isbn:978-91-554-9573-2
id ndltd-UPSALLA1-oai-DiVA.org-uu-281318
record_format oai_dc
spelling ndltd-UPSALLA1-oai-DiVA.org-uu-2813182016-06-02T05:05:31ZProtecting Functional Programs From Low-Level AttackersengLarmuseau, AdriaanUppsala universitet, Avdelningen för datalogiUppsala universitet, DatalogiUppsala2016SecurityFunctional ProgrammingCompilationInteroperationBisimulationMemory ProtectionSoftware systems are growing ever larger. Early software systems were singular units developed by small teams of programmers writing in the same programming language. Modern software systems, on the other hand, consist of numerous interoperating components written by different teams and in different programming languages. While this more modular and diversified approach to software development has enabled us to build ever larger and more complex software systems, it has, however, made it harder to ensure the reliability and security of software systems. In this thesis we study and remedy the security flaws that arise when attempting to resolve the difference in abstractions between components written in high-level functional programming languages and components written in imperative low-level programming languages. High-level functional programming languages, treat computation as the evaluation of mathematical functions. Low-level imperative programming languages, on the contrary, provide programmers with features that enable them to directly interact with the underlying hardware. While these features help programmers write more efficient software, they also make it easy to write malware through techniques such as buffer overflows and return oriented programming. Concretely, we develop new run-time approaches for protecting components written in functional programming languages from malicious components written in low-level programming languages by making using of an emerging memory isolation mechanism.This memory isolation mechanism is called the Protected Module Architecture (PMA). Informally, PMA isolates the code and data that reside within a certain area of memory by restricting access to that area based on the location of the program counter. We develop these run-time protection techniques that make use of PMA for three important areas where components written in functional programming languages are threatened by malicious low-level components: foreign function interfaces, abstract machines and compilation. In everyone of these three areas, we formally prove that our run-time protection techniques are indeed secure. In addtion to that we also provide implementations of our ideas through a fully functional compiler and a well-performing abstract machine. Doctoral thesis, monographinfo:eu-repo/semantics/doctoralThesistexthttp://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-281318urn:isbn:978-91-554-9573-2Uppsala Dissertations from the Faculty of Science and Technology, 1104-2516 ; 124application/pdfinfo:eu-repo/semantics/openAccess
collection NDLTD
language English
format Doctoral Thesis
sources NDLTD
topic Security
Functional Programming
Compilation
Interoperation
Bisimulation
Memory Protection
spellingShingle Security
Functional Programming
Compilation
Interoperation
Bisimulation
Memory Protection
Larmuseau, Adriaan
Protecting Functional Programs From Low-Level Attackers
description Software systems are growing ever larger. Early software systems were singular units developed by small teams of programmers writing in the same programming language. Modern software systems, on the other hand, consist of numerous interoperating components written by different teams and in different programming languages. While this more modular and diversified approach to software development has enabled us to build ever larger and more complex software systems, it has, however, made it harder to ensure the reliability and security of software systems. In this thesis we study and remedy the security flaws that arise when attempting to resolve the difference in abstractions between components written in high-level functional programming languages and components written in imperative low-level programming languages. High-level functional programming languages, treat computation as the evaluation of mathematical functions. Low-level imperative programming languages, on the contrary, provide programmers with features that enable them to directly interact with the underlying hardware. While these features help programmers write more efficient software, they also make it easy to write malware through techniques such as buffer overflows and return oriented programming. Concretely, we develop new run-time approaches for protecting components written in functional programming languages from malicious components written in low-level programming languages by making using of an emerging memory isolation mechanism.This memory isolation mechanism is called the Protected Module Architecture (PMA). Informally, PMA isolates the code and data that reside within a certain area of memory by restricting access to that area based on the location of the program counter. We develop these run-time protection techniques that make use of PMA for three important areas where components written in functional programming languages are threatened by malicious low-level components: foreign function interfaces, abstract machines and compilation. In everyone of these three areas, we formally prove that our run-time protection techniques are indeed secure. In addtion to that we also provide implementations of our ideas through a fully functional compiler and a well-performing abstract machine.
author Larmuseau, Adriaan
author_facet Larmuseau, Adriaan
author_sort Larmuseau, Adriaan
title Protecting Functional Programs From Low-Level Attackers
title_short Protecting Functional Programs From Low-Level Attackers
title_full Protecting Functional Programs From Low-Level Attackers
title_fullStr Protecting Functional Programs From Low-Level Attackers
title_full_unstemmed Protecting Functional Programs From Low-Level Attackers
title_sort protecting functional programs from low-level attackers
publisher Uppsala universitet, Avdelningen för datalogi
publishDate 2016
url http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-281318
http://nbn-resolving.de/urn:isbn:978-91-554-9573-2
work_keys_str_mv AT larmuseauadriaan protectingfunctionalprogramsfromlowlevelattackers
_version_ 1718292393364553728