:: Home Graduate News Master Degrees Post-Master Degrees Certificates Admissions Financial Aid Job Opportunities Student Services General Information |
GRADUATE NEWS
Ph.D. in Information Technology Final Defense David A. Wheeler
PhD in Information Technology Doctoral Dissertation
Candidate: David A. Wheeler
Dissertation Director: Daniel Menasce
Dissertation Co-Director: Ravi Sandhu
Title: Fully Countering Trusting Trust Through Diverse Doublecompiling
Monday, November 23, 2009, 1:00pm – 3:00pm
Innovation Hall, Room 105
Abstract:
An Air Force evaluation of Multics, and Ken Thompson’s Turing award lecture (“Reflections on Trusting Trust”), showed that compilers can be subverted to insert malicious Trojan horses into critical software, including themselves. If this “trusting trust” attack goes undetected, even complete analysis of a system’s source code will not find the malicious code that is running. Previously-known countermeasures have been grossly inadequate. If this attack cannot be countered, attackers can quietly subvert entire classes of computer systems, gaining complete control over financial, infrastructure, military, and/or business system infrastructures worldwide. This dissertation’s thesis is that the trusting trust attack can be detected and effectively countered using the “Diverse Double-Compiling” (DDC) technique, as demonstrated by (1) a formal proof that DDC can determine if source code and generated executable code correspond, (2) a demonstration of DDC with four compilers (a small C compiler, a small Lisp compiler, a small maliciously corrupted Lisp compiler, and a large industrial-strength C compiler, GCC), and (3) a description of approaches for applying DDC in various real-world scenarios. In the DDC technique, source code is compiled twice: once with a second (trusted) compiler (using the source code of the compiler’s parent), and then the compiler source code is compiled using the result of the first compilation. If the result is bit-for-bit identical with the untrusted executable, then the source code accurately represents the executable.
Candidate: David A. Wheeler
Dissertation Director: Daniel Menasce
Dissertation Co-Director: Ravi Sandhu
Title: Fully Countering Trusting Trust Through Diverse Doublecompiling
Monday, November 23, 2009, 1:00pm – 3:00pm
Innovation Hall, Room 105
Abstract:
An Air Force evaluation of Multics, and Ken Thompson’s Turing award lecture (“Reflections on Trusting Trust”), showed that compilers can be subverted to insert malicious Trojan horses into critical software, including themselves. If this “trusting trust” attack goes undetected, even complete analysis of a system’s source code will not find the malicious code that is running. Previously-known countermeasures have been grossly inadequate. If this attack cannot be countered, attackers can quietly subvert entire classes of computer systems, gaining complete control over financial, infrastructure, military, and/or business system infrastructures worldwide. This dissertation’s thesis is that the trusting trust attack can be detected and effectively countered using the “Diverse Double-Compiling” (DDC) technique, as demonstrated by (1) a formal proof that DDC can determine if source code and generated executable code correspond, (2) a demonstration of DDC with four compilers (a small C compiler, a small Lisp compiler, a small maliciously corrupted Lisp compiler, and a large industrial-strength C compiler, GCC), and (3) a description of approaches for applying DDC in various real-world scenarios. In the DDC technique, source code is compiled twice: once with a second (trusted) compiler (using the source code of the compiler’s parent), and then the compiler source code is compiled using the result of the first compilation. If the result is bit-for-bit identical with the untrusted executable, then the source code accurately represents the executable.
Posted on: October 30, 2009
Prospective Students ~ Current Students ~ Alumni & Friends ~ Corporate & Community Partners
Departments ~ News ~ Events ~ People ~ Admissions ~ Undergraduates ~ Graduates ~ Research ~ Continuing Education
© 2008 The Volgenau School of Information Technology and Engineering - George Mason University