動態更新與修補溢位弱點的設計與實作

Abstract

我們無法避免程式產生錯誤，因此必須利用修補機制(Patch)進行更新。但在一般作業系統平台，例如微軟視窗(Microsoft Windows)，對程式進行更新時，通常需將程式關閉，才能對程式進行更新。這雖然是無法避免的動作，對商業網站的營運卻會造成巨額損失。目前已有多種軟體動態修補(Dynamic Software Updating)的研究成果，但是皆需原始碼(Source Code)的輔助。有鑑於此，我們針對微軟視窗平台上商業軟體，在沒有原始碼可供分析的情況下，仍可進行動態軟體修補。

為了證明修補機制的可行性，我們試行運用於溢位弱點的動態修補操作。現存偵測溢位弱點的方法中，大都無法有效用於正在運行的伺服器上，因為偵測溢弱點耗費時間，影響網站服務效率。我們因此利用所發展的修補機制，發展可動態偵測軟體溢位弱點的工具，讓使用者選擇性地啟動溢位弱點偵測，供使用者在不關閉程式的前提下，進行修補有溢位弱點的程式。透過在視窗平台上的軟體實驗，我們可以有效地修補溢位弱點，防止惡意使用者利用此類型弱點進行攻擊。

Programs are inherently with bugs for we can only prove their presence but not their absence. In order to maintain the quality of software and get rid of bugs, developers need to fix them and release corresponding patches. When patching the software on Microsoft Windows, we usually terminate the software first, apply related patches, and restart the system. Such a process is expensive to shutdown the system only for patching and fixing the software bugs. Much research efforts focus on dynamic software updating (DSU) with static analysis on source code. Our work, called DUBS, instead tries to develop DSU on Commercial Off-The-Shelf (COTS) software.

To prove the applicability of our binary updating mechanism, we apply DSU on Buffer overflow detection. Such techniques have been well developed but they can not be applied to server dynamically, due to their high execution overhead. We develop a tool by our binary DSU which could detect buffer overflow vulnerability dynamically. Users can optionally enable the detection mechanism and use this tool to patch the vulnerability dynamically in COTS on Microsoft Windows without stopping the program. We perform the experiment on COTS and can successfully block the attack from malicious users.