ABSTRACT
Computer security becomes increasingly important with the continual growth in the number of interconnected computing platforms. Moreover, as the capabilities of embedded processors increase, the applications running on these systems also grow in size and complexity, and so does the number of security vulnerabilities. Attacks that impair code integrity by injecting and executing malicious code are one of the major security issues. This problem can be addressed at different levels, from more secure software and operating systems down to solutions that require hardware support. Most existing techniques tackle the problem of security flaws at the software level, but this approach lacks generality and often induces prohibitive overhead in performance and cost, or generates a significant number of false alarms. On the other hand, a further increase in the number of transistors on a single chip enables integrated hardware support for functions that were formerly restricted to the software domain. Hardware-supported defense techniques have the potential to be more general and more efficient than software-only solutions. This paper proposes four new architectural extensions to ensure complete run-time code integrity using instruction block signature verification. The experimental analysis shows that the proposed techniques have low performance and energy overhead. In addition, the proposed mechanism has low hardware complexity and requires changes neither to the compiler nor to the existing instruction set architecture.