Static Detection Of Application Backdoors presented at Blackhat USA 2007

by Chris Eng,

Tags: Security

Summary : Backdoors have been part of software
since the first security feature was implemented. So unless there is a
process to detect backdoors they will inevitably be inserted into
software. Requiring source code is a hurdle to detecting backdoors since
it isn't typically available for off the shelf software or for many of
the libraries developers link to. And what about your developer tool
chain? Ken Thompson in "Reflections on Trusting Trust" showed your
compiler can't be trusted. What about your linker, obfuscator or packer?
To find backdoors in these scenarios you need to inspect the software
executable binary.