Hackpads are smart collaborative documents. .
427 days ago
Unfiled. Edited by Andersen You 427 days ago
  • By analyzing the leakages, we can rebuild the key
 
  • 中間值會暫存在  register 裡面, 例如要把0xc3(0x11000011)寫進去一個原本是0x00的register中, 會有4個bits更動
 
  • Hamming Distance的缺點:你不容易得知這個 register 之前的數值是多少...
 
  • Hamming Distance model:
 
  • HW: Hamming Weight
Andersen Y 兩種不同的模式需要參考使用硬體的規格!
 
 
#此段落表示我們將H(fi(pi,k))看成一個隨機變數x,和能量消耗y形成統計學上的回歸方程式關係,此時可以用皮爾森相關係數(Pearson Corrleation Coefiicient: Cor(y,x)),去探討隨機變數x是否足夠解釋能量消耗y之變化
  • If our key guessing is right, Cor(y,x) will be significant.
  • If it is wrong, Cor(y, x) will be close to 0.
 
[實作]
ATMega328P:被用在Arduino公司的許多商品上,例如:
  • Arduino UNO (USA ONLY)
  & Genuino UNO (OUTSIDE USA)
使用這個為處理器(ATMega328P)做AES加密, 當作攻擊的目標
 
ChipWhisperer
  1. control FPGA(連接電腦以及整個硬體系統,並控制整個系統的加密及側錄)
  1. OpenADC(一種Analog-to-digital converter,作為示波器)
 
MultiTarget board(可連接不同的攻擊目標)
  1. micro controller(連接為處理器,本次的目標)
  1. card socket(可插卡)
  1. FPGA(可以將要攻擊的演算法寫進板子上的FPGA)
 
[Demo Video]
  • CWCapture:側錄AES 256加密(AES第一個round)
  • 錄製100條trace
  • CWAnalyzer: AES 128的攻擊先攻擊AES 256前半段, 得到前面16 byte, 前半段的key
  • CWCapture:側錄AES 256加密(AES第二個round)
  • CWAnalyzer: 利用前半段key的結果找出AES第二個round的對應中間值,破解後半段的key
 
每個round在執行時還是128 bits進行加密
 
  • The variables we concern change vertically.
  • Those horizontal shifts could be disturbance.
 
  • Method 1:Sum of Absolute Difference (SAD).
  • 兩個要比對的波段直接相減取絕對值再加總
 
  • 把兩個要比對波段上的點當成兩個隨機變數,找兩者的皮爾森相關係數
  • Align the traces by maximizing the correlation coefficient.
 
  • Random Time Delays
  • 在S-box look-up步驟時,每個byte做查表前加入一個隨機長度時間delay
  • 可以造成攻擊者的混亂,因為要先對齊每個byte的位置才能用CPA攻擊
 
Countermeasure (2)
  • Shuffling (不一定要按照順序做S-box look-up, 可以先從後面的byte加密後再做前面, 隨機調整順序, 會讓攻擊比較困難
Countermeasure (3)
  • Adding Dummy (擾亂攻擊者), S-box look-up之間可以加入一些假的look-up步驟,每個trace都加在不同地方也可以達到干擾攻擊者的效果。
 
451 days ago
Unfiled. Edited by 陳威廷 451 days ago
  • ********* 
Rockey L
  • 女性員工佔40%
陳威廷
  • *********
 
453 days ago
Unfiled. Edited by Kouni Huang 453 days ago
  • 位子的人還是很多嘛。
 
454 days ago
Unfiled. Edited by 陳威廷 454 days ago
  • 淡水:阿給
  • 九份:芋圓
  • 深坑:臭豆腐
 
  • 臭豆腐、豬血糕、雞排、官芝琳大腸包小腸
陳威廷
  • 一中街
  • 多多茶坊、豐仁冰、上和園(冷藏滷味、紅豆冰)
  • 東海教堂
  • 勤美誠品
  • 火車站
  • 香菇肉羹、宮園眼科(冰淇淋、日出伴手禮)、繼光香香雞
  • 精誠肉圓
  • 高美濕地
  • 豐原廟東
  • 鳳梨冰、蒸肉圓、炸肉圓、蚵仔煎、牛奶冰、永芳亭(扁食湯、四神豬腳、四神豬肚、肉粽)、菱角酥、滿亭芳牛肉麵
 
彰化
  • 北門口肉圓
  • 鹿港
 
 
454 days ago
Unfiled. Edited by Jason Chu 454 days ago
won a 防毒軟體基本原理 by NISRA
 
  
  • Introduction to CTF by BambooFox
 
455 days ago
Unfiled. Edited by T-Bone Grady 455 days ago
  • R2 共筆空間
 
457 days ago
加密勒索軟體行為偵測(以Mac OS X 為例) by Happyholic1203
 
 
 
Ming-Fang T 對勒索軟體的假設
  • 世上只有兩種勒索軟體
  • 寫型(overwrite):加密並覆寫原檔
Rockey L
  • 相似度低
  • entropy
  • 一種為開檔型,產生新加密檔並刪除原檔
Ming-Fang T
  • 定會保留檔案全部內容
Rockey L
  • 只具一般使用者權限(如rootkit 之類不討論
Ming-Fang T
  • [Optional]只關注某些檔案類型 ex. docx, pptx, xlsx, pdf, png, jpg,...
 
Ct C 複寫型:必覆蓋全檔,檔案內變質
Ming-Fang T -MIME Type 改變
-相似度變低
-Entropy變高
張瑋倫 開檔型:必讀取全檔(一定要保留全部檔案內容),且讀會刪檔
進入點是readdir(列出某目錄下的檔案) ps.recursive
 
複寫型:readdir —> open—>read all —>write all —> release(檔案變質)
德維 黎 開檔型:readdir →open →read all→ (write to some where)→release(把檔案砍掉)
 
Ming-Fang T 合理的白名單
 
inspected process -> monitored file
(1) not proper opener
(2) non-system
(3) monitored filetype
(4) readdir
(5) open
符合 (1)~(5),就追蹤它。  
 
德維 黎 Mac OS X 上用FUSE實做成果演示
 
 
 
改進空間及方向
  • 檢測方式inline mode v.s. sniffer mode
  • FUSE的作法
  • Inline mode 
  • Ransomeware 演化前可有效偵測
  • 會影響系統效能(syscall從kernal->user->kernal)
  • 較理想的作法
  • 從Kernal mode 將關鍵行為事件簿傳回user mode判斷
  • 判斷跟系統操作非同步->不影響系統穩定性
  • User mode:監控honey file
 
結論
 
green l
  • Ransomware會演化,勢必會有一番攻防-最頭痛的演化方向:高權限、dll side loading等
  • 知道盾的作法,也探討了矛的新切入角度
德維 黎
  • Inline mode penalty:系統效能/穩定性
  • Sniffer mode penalty:有些檔案會犧牲
 
Emsisoft Behavior Blocker
成功監測20支
 
green l CryptoDrop (IEEE ICDCS2016)
成功偵測492個
 
 
This is not going to end: The evaluation of Android app packing and unpacking techniques by Yajin Zhou
 
 
Jacky L
  • Packing service createproblem for both good and bad guys.
  • Bad guys: malware authors, 打包黨
  • -> hard to repackage popular apps
  • Good guys: app markets maintainers, security researchers
 
 
In reality, app packing services are abused by bad guys.
梆梆加固
 
Main types of app packing techniques
  • Static (靜態分析): cheat statical analysis tools
  • Dynamic (動態分析)
  • -> Memory dex loading: directly load encrpted dex file into memory and execute
  • -> ANti-analysis: raise the bar for dynamic analysis
 
德維 黎 Main types of app unpacking techniques
  • Static: reverse enginner the encryption algorithm
Jacky L
  • Pros: one method to kill all samples - protected by on packer
  • Cons: hard - usually the encrption algorithm is in the native code, and continuously changing
  • Dynamic: memory dump
  • Basic idea: the unencrypted btyecode will be eventually in memory
  • Lack of self-modifying (and JITed bytecode) support
 
德維 黎 Manifest cheating
  • Manifest file:define packages name, permissions,components...
  • When pardsed , attrbutes are translated into ids
  • If we insert an id to represent an undefined Java class
  • aapt:ignore this
  • apktool:honor this -> app re packaged by apktool will crash due to inimplemented Java classes
Fake encryption
  • apk file is indeed a normal zip file
...
Members (264)
莊般若 CL H yu-kung lin Jessica Wu Vital Eli Alkayd Zhao-Jun Zhong (kappa) ‫على الشاعر‬‎ Chen Pam J cynosure Gnehsoah Gnaw Andersen You Davis Chang Kuo-Chen Lien 破竹 陳耕硯 JR OR Keng-Wei Chang 林容伊 Chun-Hung Liu

Create a New Collection

Cancel

Move XXX to XXX


XXX will be invited to the XXX on XXX.

Cancel

Contact Support



Please check out our How-to Guide and FAQ first to see if your question is already answered! :)

If you have a feature request, please add it to this pad. Thanks!


Log in