• DocumentCode
    2447386
  • Title

    Describing Data Format Exploits Using Bitstream Segment Graphs

  • Author

    Hartle, Michael ; Schumann, Daniel ; Botchak, Arsene ; Tews, Erik ; Muhlhauser, Max

  • Author_Institution
    Dept. of Comput. Sci., Tech. Univ. Darmstadt, Darmstadt
  • fYear
    2008
  • fDate
    July 27 2008-Aug. 1 2008
  • Firstpage
    119
  • Lastpage
    124
  • Abstract
    Exploits based on data processing bugs are delivered through crafted data that seems to follow a data format, yet is altered in some way to trigger a specific bug during processing, eg. in order to execute contained malicious code. Decomposing crafted data according to the purported data format and the function of its components that are not format-compliant is a step towards understanding the delivery mechanism of an exploit and fixing the vulnerable application. This paper demonstrates the use of bitstream segment graphs for describing the structure of exploits on the example of the TIFF Jailbreak exploit for the Apple iPhone and iPod Touch with firmware 1.1.1.
  • Keywords
    codes; graph theory; security of data; Apple iPhone; TIFF Jailbreak; bitstream segment graphs; contained malicious code; data format; data processing bugs; firmware 1.1.1; iPod Touch; Codecs; Computer bugs; Computer science; Data models; Data processing; Encoding; Information technology; Microprogramming; Portable media players; Protocols; Data format; bitstream; description;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computing in the Global Information Technology, 2008. ICCGI '08. The Third International Multi-Conference on
  • Conference_Location
    Athens
  • Print_ISBN
    978-0-7695-3275-2
  • Electronic_ISBN
    978-0-7695-3275-2
  • Type

    conf

  • DOI
    10.1109/ICCGI.2008.21
  • Filename
    4591356
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2447386