Initial Analysis of Underhanded Source Code

Abstract

It is possible to develop software source code, called underhanded code, that appears benign to human review but is actually malicious. This is not merely an academic concern; in 2003, an attacker attempted to subvert the widely used Linux kernel by inserting underhanded software. This paper provides a very brief initial look at underhanded source code, with the intent to eventually help develop countermeasures against it. This paper identifies and summarizes public examples of underhanded code, briefly summarizes the literature, and identifies promising countermeasures. It then examines one data set (the Obfuscated V Contest), tries a small set of countermeasures, and measures their effectiveness. This initial work suggests that a small set of countermeasures can significantly reduce the risks from underhanded code. The paper concludes with recommendations on how to expand on this work.

Document Details

Document Type: Technical Report
Publication Date: Apr 01, 2020
Accession Number: AD1122149

Entities

People

  • David A. Wheeler

Organizations

  • Institute for Defense Analyses

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • C Programming Language
  • Compilers
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Contracts
  • Countermeasures
  • Cybersecurity
  • Data Sets
  • Debugging
  • Detectors
  • Elections
  • Language
  • Literature
  • Operating Systems
  • Programming Languages
  • Shell Scripts
  • Software Assurance
  • Software Development
  • Software Testing
  • Standards
  • Test And Evaluation
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Parallel and Distributed Computing
  • Systems Analysis and Design