Exploiting Instruction Streams To Prevent Intrusion Milena Milenkovic.


1 Exploiting Instruction Streams To Prevent Intrusion Milena Milenkovic

2 Outline
Introduction
Related Work
Trusted Instruction Execution Framework
The Framework Potential
Conclusion

3 Introduction
Most of today’s computers are connected to the Internet
Even more in the future, including embedded devices
One of the major security problems: the execution of unauthorized code
A lot of applications may be vulnerable
Attack examples:
  –buffer overflow (heap, stack)
  –format string attack
  –…

4 Introduction Stack-smashing

5 Introduction
One solution: allow only execution of trusted instructions
Trusted instructions – with a valid signature
Previous research: limited number of instruction streams (dynamic basic blocks)
Use basic block signatures: run-time verification of the last basic block in an instruction stream
Signatures calculated during trusted installation

6 Related Work
Two categories:
  –Static source code analysis
  –Dynamic detection/prevention
Static code analysis: false alarms
Dynamic
  –Secure Program Execution Framework (SPEF)
  –Tag “spurious” data
  –Monitoring program “behavior” (system calls, performance monitoring registers)
  –Split stack for data/addresses, or secure stack
  –Compilers, compiler and library patches

7 Related Work
Most related – SPEF: a given program binary has numerous representations with the same functionality
During installation, each instruction block is transformed; the transformation is verified at run time
  –compute transformation-invariant hash of the instruction block
  –encrypt the hash value with the secret key
  –use encrypted value to select a transformation (e.g., a particular instruction order in case of instruction scheduling)
7.5%-17.1% increased execution time, Mediabench
Also related: tamper-proof techniques, but different granularity

8 Trusted Instruction Execution
Requirements:
  –prevent the execution of unauthorized code
  –the security features should not significantly increase the program execution time
This project: proposes a framework that satisfies these requirements

9 Trusted Instruction Execution
Atomic code unit protected by its signature: a basic block
Verify all basic blocks?
It is enough to verify the signature of the last basic block (LBB) in the instruction stream, when the LBB generated a cache miss
Signatures on hard disk: encrypted

10 Architecture for Trusted Computing
[Block diagram; labels: BBST, L1I, L1D, MMU, Datapath, FPUs, IF, Control, BBSVU, BBST_M, Code, Heap, Stack]
BBST – Basic Block Signature Table
BBST_M – Basic Block Signature Table (Memory)
BBSVU – Basic Block Signature Verification Unit

11 Signature Generation
MISR (Multiple input signature register)
Linear feedback coefficients – based on the processor secret key

12 Phases of the Security Mechanism
Compilation and program installation
  –Signature table (BBST_M) is generated, encrypted and appended to the program binary
Program loading in the memory
  –BBST_M is decrypted and loaded in the memory
Program execution
  –Signature of each last basic block with a cache miss is verified
  –If no match, generate trap to OS – kill process
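
The signature generation of slide 11 and the install/verify phases of slide 12, sketched in C as an added example that is not taken from the presentation. The Galois-style MISR update, the key-to-taps rule (`key | 1`), the table indexed by block start address, and all sample instruction words and addresses are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed BBST entry: block start address -> expected signature. */
struct bbst_entry { uint64_t addr; uint32_t sig; };

/* Assumption: taps come from the key; bit 0 is forced on so the shift step
 * is invertible and any single changed word changes the final signature. */
uint32_t misr_taps(uint32_t secret_key) { return secret_key | 1u; }

/* One MISR clock: Galois LFSR shift with keyed feedback, then XOR the input. */
static uint32_t misr_step(uint32_t state, uint32_t word, uint32_t taps) {
    uint32_t fb = (state & 0x80000000u) ? taps : 0u;
    return ((state << 1) ^ fb) ^ word;
}

/* Signature of one basic block: compact all instruction words in order. */
uint32_t bb_signature(const uint32_t *insn, size_t n, uint32_t taps) {
    uint32_t s = 0;
    for (size_t i = 0; i < n; i++)
        s = misr_step(s, insn[i], taps);
    return s;
}

/* Run-time check: 1 = trusted, 0 = trap (no entry, or signature mismatch). */
int bb_verify(const struct bbst_entry *tbl, size_t len, uint64_t addr,
              const uint32_t *insn, size_t n, uint32_t taps) {
    for (size_t i = 0; i < len; i++)
        if (tbl[i].addr == addr)
            return tbl[i].sig == bb_signature(insn, n, taps);
    return 0; /* code at an address with no installed signature */
}

/* Constructed sample data: these instruction words and addresses are made up. */
static const uint32_t SAMPLE_BLOCK[4] = {0x47ff0401u, 0x201f0001u, 0xa43e0000u, 0x6bfa8001u};

/* Install one block, then verify: 0 = original, 1 = one-word patch, 2 = injected. */
int demo(uint32_t key, int which) {
    uint32_t taps = misr_taps(key);
    struct bbst_entry tbl[1] = {{0x120001000ull, bb_signature(SAMPLE_BLOCK, 4, taps)}};
    uint32_t patched[4] = {SAMPLE_BLOCK[0], SAMPLE_BLOCK[1] ^ 0x10u, SAMPLE_BLOCK[2], SAMPLE_BLOCK[3]};
    if (which == 0) return bb_verify(tbl, 1, 0x120001000ull, SAMPLE_BLOCK, 4, taps);
    if (which == 1) return bb_verify(tbl, 1, 0x120001000ull, patched, 4, taps);
    return bb_verify(tbl, 1, 0x11ffff000ull, SAMPLE_BLOCK, 4, taps); /* not in table */
}
```

Cases 1 and 2 both end in the trap path of slide 12: a modified block fails the comparison, and code placed at an address that was never signed at installation has no entry to match.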

13 Program Execution

14 The Framework Potential
32-bit MISR
I-cache: 4 ways, 128 sets, 64B line
BBST: 4 ways, 4B line, 128/256 sets
LRU replacement
Traces of SPEC CPU2000 benchmarks for Alpha architecture
  –F2B, M2B segments
  –10 integer (CINT), 11 floating-point benchmarks (CFP)

15 The Framework Potential

18 Also measured:
  –the number of instruction cache misses
  –the number of BBST accesses
The number of BBST misses – very small
Trusted instruction overhead will not significantly hurt performance

19 Conclusion
Proposed a framework for trusted instruction execution, evaluated its potential
Promises to be faster than SPEF, with additional hardware resources and BBST appended to program binary
Future work:
  –assess different BBST organizations
  –preload BBST?
  –simulate execution time
  –evaluate an alternative implementation: signature embedded in the code

