Print Email Facebook Twitter System Call Argument Filtering for Interpreted Languages Title System Call Argument Filtering for Interpreted Languages Author Maquelin, Suzanne (TU Delft Electrical Engineering, Mathematics and Computer Science) Contributor Zarras, A. (mentor) Smaragdakis, G. (graduation committee) Spinellis, D. (graduation committee) Degree granting institution Delft University of Technology Programme Computer Science | Cyber Security Date 2022-07-01 Abstract Interpreted applications are often vulnerable to remote code execution attacks. To protect interpreted applications, we should reduce the tools available to the attackers. In this thesis, we investigate the possibilities for the automation of policy generation for interpreted applications in terms of system call arguments. These policies are used for system call argument interposition. We compare two approaches working on the interpreter to find if any of these two can provide meaningful policies. The first is dynamic analysis, and the second is static analysis, which uses symbolic execution.The symbolic execution was least effective as it provides policies only for a small portion of the system call arguments, less than ten per cent, and hinders normal execution of applications with these policies. The dynamic analysis solution fares better, providing a restriction for about forty per cent of the system call arguments. We conclude that automatic policy generation of system call arguments for interpreted applications is a meaningful endeavour. Subject cyber securitysystem call argument interpostitioninterpreted applicationsargument filteringsystem call interposition To reference this document use: http://resolver.tudelft.nl/uuid:bfeb62a0-7c2d-4d74-94cb-65c805a09dc4 Part of collection Student theses Document type master thesis Rights © 2022 Suzanne Maquelin Files PDF report.pdf 862.23 KB Close viewer /islandora/object/uuid:bfeb62a0-7c2d-4d74-94cb-65c805a09dc4/datastream/OBJ/view