Suspected Software-Code Restoration Using a Dictionary Led System

Abstract

The recent increase of devices connected to the Internet and the introduction of new paradigms; Internet of Things [IoT] and Cloud computing], exposes the Internet to sever security risks, especially malicious alteration of the application software code or utilizing malfunction codes to attack the system. Such attack can change the behavior and the outcome of the system. This work proposes a rule-based technique for substituting suspicious-code by secure-code. The technique scans over source code using parsing techniques and identifies key patterns. These patterns are matched against a dictionary which stores mappings from suspicious to secure code. For practical purposes we suggest using the proposed technique in conjunction with a secure execution environment, implemented by Intel Software Guard Extension (SGX). The proposed system may also be helpful at the execution environment by transforming the executable code back to its source code and then apply the proposed system to discover vulnerable code and even correct it. This may also be used to discover code anomalies or security issues and activate the appropriate warning preventing damage to the production environment.