Skip to content
master
Switch branches/tags
Code
This branch is up to date with master.
Contribute

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

stins4llvm

A State Inspection Tool for LLVM

StIns4LLVM is a protection tool based on a result checking technique intended to secure sensitive pure functions. It was developed during the Software Integrity Protection Practical Course, Summer Term 2017 at Technical University Munich.

The workflow of StIns4LLVM consists of three main phases. Firstly, it generates test cases using MACKE for every specified sensitive pure function. After that, a randomly constructed network of checkers determines the guards' place in the code. These guards attempt to verify whether a given function has been tampered with and if this is the case they call a response function. StIns4LLVM introduces delayed, probabilistic failures in the protected program in case of a tampering attempt. To be more precise, the response function is configured in such a way that in 20% of the times it does nothing and continues the normal execution path of the binary, while in the other 80% it terminates the program after 0 to 9 seconds. Finally, the last phase of the protection tool injects the guards in the corresponding places and compiles the protected program.

Authors

Getting Started

  1. Execute make in the project's top directory to build the tool.
  2. Compose a json configuration file according to this example (all keys are compulsory and self-explanatory):
{
  "functionsRC" : ["mul", "add", "sub", "isValidLicenseKey", "addChar"],
  "program" : ["src/InterestingProgram.c"],
  "binary" : "InterestingProgram-rewritten",
  "connectivityRC" : 2,
  "syminputC" : "syminput/syminputC.py",
  "syminputBC" : "syminput/syminputBC.py",
  "verbose" : true
}
  1. Finally, run StIns4LLVM which will execute the LLVM Pass on the provided source files, compile and place the resulting executable in the build folder.
./run.sh -f config.json

Requirements

We strongly recommend using the provided Dockerfile

About

State Inspection Tool for LLVM

Resources

Releases

No releases published

Packages

No packages published