Software – AIS Home | Assured Information Security (https://www.ainfosec.com)

AIS at the 2021 Xen Project Developer & Design Summit
https://www.ainfosec.com/2021-xen
Mon, 14 Jun 2021 19:40:11 +0000

Connor Davis, Software Engineer/Researcher at AIS, presented at the 2021 Xen Developer & Design Summit. This year’s virtual event took place on Tuesday, May 25 through Friday, May 28.

Abstract

The Root VM: A New Xen Domain Species

The Xen scheduler is a complex piece of code responsible for scheduling guest virtual machines and managing platform power. What if this complexity could be avoided by reusing the scheduler in a domU instead? This talk is a case study that discusses the benefits and costs of a scheduler-less Xen, in particular its effect on power, performance, emulation and PCI passthrough. This study is based on the open-source research implementation of the Xen PV interface in the MicroV hypervisor. The goal of this talk is to raise awareness of this alternative architecture and to start a discussion on the possibility of bringing this alternative to upstream Xen.

About Connor Davis  

Connor spends most of his time exploring virtualization technologies (in particular VT-x/VT-d), covert communications, embedded systems, secure boot architectures and Clang/LLVM. In his free time, he enjoys hiking, rock climbing and practicing Jiu Jitsu. He is also currently contributing to the port of Xen to RISC-V. 

ByteRI
https://www.ainfosec.com/byteri
Tue, 18 May 2021 19:52:57 +0000

Reverse engineers can finally breathe a sigh of relief thanks to AIS’s new program, Byte Taint Resonance Imaging, aka ByteRI, which will make a major impact on the practice of dynamic taint analysis.

What is ByteRI?

ByteRI is the solution to a multitude of laborious and inefficient reverse engineering programs.

By individually tainting each byte of an input and tracing the flow of these byte-taints through ByteRI, associations between the input fields and code instructions that depend on them are uncovered.

What problem does ByteRI solve?

Reverse engineers are tasked with discovering what programs do while simultaneously learning how they do it. This is not an easy task and involves the creation of new inputs to drive the program’s execution toward unexplored code.

How does it work?

The ByteRI program analysis leverages dynamic taint analysis to discover mappings between input data and code that operates on this data. This allows users to visualize how the choice of input impacts control flow and uncover the syntax of a program’s anticipated inputs, including fields, separators and terminals. Analysis results will be integrated into modern reverse engineering and vulnerability discovery toolsets.

How does this impact reverse engineering and vulnerability tasks?

Simply said, tasks will be easier, more accurate and more efficient. Human reverse engineers will save time by being able to more quickly understand previously unseen code. Vulnerability discovery tools will more quickly discover inputs that trigger bugs representing potentially weaponizable vulnerabilities.
