A High-Level Model for an Assembly Language Attacker by Means of Reflection

• Published in: Dependable Software Engineering Vol. 9409; pp. 168 - 182
• Main Authors: Larmuseau, Adriaan, Patrignani, Marco, Clarke, Dave
• Format: Book Chapter Conference Proceeding
• Language: English
• Published: Switzerland Springer International Publishing AG 2015; Springer International Publishing
• Series: Lecture Notes in Computer Science
• Subjects: 3D graphics & modelling; Attack Model; Computer programming / software development; Label Transition System; Silent Transition; Software Engineering; Source Language; Type Safety
• ISBN: 9783319259413; 3319259415
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-319-25942-0_11

Many high-level functional programming languages are compiled to or interoperate with, low-level languages such as C and assembly. Research into the security of these compilation and interoperation mechanisms often makes use of high-level attacker models to simplify formalisations. In practice, however, the validity of such high-level attacker models is frequently called into question. In this paper we formally prove that a light-weight ML equipped with a reflection operator can serve as an accurate model for malicious assembly language programs, when reasoning about the security threats such an attacker model poses to the abstractions of ML programs that reside within a protected memory space. The proof proceeds by relating bisimulations over the assembly language attacker and the high-level attacker.