Pioneer

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems

Full text

Pdf (264 KB)

Source

ACM Symposium on Operating Systems Principles archive
Proceedings of the twentieth ACM symposium on Operating systems principles table of contents

Brighton, United Kingdom

SESSION: Integrity and isolation table of contents

Pages: 1 - 16

Year of Publication: 2005

ISBN:1-59593-079-5

Also published in ...

Authors

Arvind Seshadri	CMU/CyLab
Mark Luk	CMU/CyLab
Elaine Shi	CMU/CyLab
Adrian Perrig	CMU/CyLab
Leendert van Doorn	IBM
Pradeep Khosla	CMU/CyLab

Sponsors

ACM: Association for Computing Machinery
SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 22, Downloads (12 Months): 203, Citation Count: 25

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1095810.1095812 What is a DOI?

ABSTRACT

We propose a primitive, called Pioneer, as a first step towards verifiable code execution on untrusted legacy hosts. Pioneer does not require any hardware support such as secure co-processors or CPU-architecture extensions. We implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used as a basic building block to build security systems. We demonstrate this by building a kernel rootkit detector.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Tripwire. http://sourceforge.net/projects/tripwire/.
	2	VMware. http://www.vmware.com/.
	3	AMD platform for trustworthy computing. In WinHEC, September 2003.
	4	Secure virtual machine architecture reference manual. AMD Corp., May 2005.
	5	Network Appliance. Postmark: A new file system benchmark. Available at http://www.netapp.com/techlibrary/3022.html, 2004.
	6	W. Arbaugh. Personal communication, May 2005.
	7	D. Boggs, A. Baktha, J. Hawkins, D. Marr, J. Miller, P. Roussel, R. Singhal, B. Toll, and K.S. Venkatraman. The microarchitecture of the Intel Pentium 4 processor on 90nm technology. Intel Technology Journal, 8(01), February 2004.
	8	B. Chen and R. Morris. Certifying program execution with secure procesors. In Proceedings of HotOS IX, 2003.
	9	A. Chuvakin. Ups and downs of unix/linux host-based security solutions. ;login: The Magazine of USENIX and SAGE, 28(2), April 2003.
	10	Free Software Foundation. superopt - finds the shortest instruction sequence for a given function. http://www.gnu.org/directory/devel/compilers/superopt.html.
	11	Tal Garfinkel , Ben Pfaff , Jim Chow , Mendel Rosenblum , Dan Boneh, Terra: a virtual machine-based platform for trusted computing, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
	12	Intel Corp. LaGrande Technology Architectural Overview, September 2003.
	13	Intel Corporation. IA32 Intel Architecture Software Developer's Manual Vol.1.
	14	K. J. Jones. Loadable Kernel Modules. ;login: The Magazine of USENIX and SAGE, 26(7), November 2001.
	15	Rajeev Joshi , Greg Nelson , Keith Randall, Denali: a goal-directed superoptimizer, Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation, June 17-19, 2002, Berlin, Germany
	16	R. Kennell and L. Jamieson. Establishing the genuinity of remote computer systems. In Proceedings of USENIX Security Symposium, August 2003.
	17	Samuel T. King , Peter M. Chen, Backtracking intrusions, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
	18	Alexander Klimov , Adi Shamir, A New Class of Invertible Mappings, Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems, p.470-483, August 13-15, 2002
	19	N. Petroni, T. Fraser, J. Molina, and W. Arbaugh. Copilot - a coprocessor-based kernel runtime integrity monitor. In Proceedings of USENIX Security Symposium, pages 179--194, 2004.
	20	R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In Proceedings of USENIX Security Symposium, pages 223--238, 2004.
	21	A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla. SWATT: Software-based attestation for embedded devices. In Proceedings of IEEE Symposium on Security and Privacy, May 2004.
	22	U. Shankar, M. Chew, and J. D. Tygar. Side effects are not sufficient to authenticate software. In Proceedings of USENIX Security Symposium, pages 89--101, August 2004.
	23	Elaine Shi , Adrian Perrig , Leendert Van Doorn, BIND: A Fine-Grained Attestation Service for Secure Distributed Systems, Proceedings of the 2005 IEEE Symposium on Security and Privacy, p.154-168, May 08-11, 2005 [doi>10.1109/SP.2005.4]
	24	Trusted Computing Group (TCG). https://www.trustedcomputinggroup.org/, 2003.
	25	Xiaoyun Wang, Yiqun Yin, and Hongbo Yu. Finding collisions in the full sha-1. In Proceedings of Crypto, August 2005.
	26	Y. Wang, R. Roussev, C. Verbowski, A. Johnson, and D. Ladd. AskStrider: What has changed on my machine lately? Technical Report MSR-TR-2004-03, Microsoft Research, 2004.
	27	Y. Wang, B. Vo, R. Roussev, C. Verbowski, and A. Johnson. Strider GhostBuster: Why it's a bad idea for stealth software to hide files. Technical Report MSR-TR-2004-71, Microsoft Research, 2004.
	28	Glenn Wurster , P. C. van Oorschot , Anil Somayaji, A Generic Attack on Checksumming-Based Software Tamper Resistance, Proceedings of the 2005 IEEE Symposium on Security and Privacy, p.127-138, May 08-11, 2005 [doi>10.1109/SP.2005.2]
	29	D. Zovi. Kernel rootkits. http://www.cs.unm.edu/~ghandi/lkr.pdf.

CITED BY 25

	Alan Shieh , Dan Williams , Emin Gün Sirer , Fred B. Schneider, Nexus: a new operating system for trustworthy computing, Proceedings of the twentieth ACM symposium on Operating systems principles, October 23-26, 2005, Brighton, United Kingdom
	Dries Schellekens , Brecht Wyseur , Bart Preneel, Remote Attestation on Legacy Operating Systems With Trusted Platform Modules, Electronic Notes in Theoretical Computer Science (ENTCS), v.197 n.1, p.59-72, February, 2008
	Arvind Seshadri , Mark Luk , Adrian Perrig , Leendert van Doorn , Pradeep Khosla, SCUBA: Secure Code Update By Attestation in sensor networks, Proceedings of the 5th ACM workshop on Wireless security, September 29-29, 2006, Los Angeles, California
	Jedidiah R. Crandall , Gary Wassermann , Daniela A. S. de Oliveira , Zhendong Su , S. Felix Wu , Frederic T. Chong, Temporal search: detecting hidden malware timebombs with virtual machines, ACM SIGPLAN Notices, v.41 n.11, November 2006
	Peter A. Loscocco , Perry W. Wilson , J. Aaron Pendergrass , C. Durward McDonell, Linux kernel integrity measurement using contextual inspection, Proceedings of the 2007 ACM workshop on Scalable trusted computing, November 02-02, 2007, Alexandria, Virginia, USA
	Arvind Seshadri , Mark Luk , Ning Qu , Adrian Perrig, SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes, ACM SIGOPS Operating Systems Review, v.41 n.6, December 2007
	Nick L. Petroni, Jr. , Michael Hicks, Automated detection of persistent kernel control-flow attacks, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
	Daniel Sandler , Dan S. Wallach, Casting votes in the auditorium, Proceedings of the USENIX/Accurate Electronic Voting Technology on USENIX/Accurate Electronic Voting Technology Workshop, p.4-4, August 06, 2007, Boston, MA
	Ryan Gardner , Sujata Garera , Aviel D. Rubin, On the difficulty of validating voting machine software with software, Proceedings of the USENIX/Accurate Electronic Voting Technology on USENIX/Accurate Electronic Voting Technology Workshop, p.11-11, August 06, 2007, Boston, MA
	Matthias Jacob , Mariusz H. Jakubowski , Ramarathnam Venkatesan, Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings, Proceedings of the 9th workshop on Multimedia & security, September 20-21, 2007, Dallas, Texas, USA
	Annarita Giani , Gabor Karsai , Tanya Roosta , Aakash Shah , Bruno Sinopoli , Jon Wiley, A testbed for secure and robust SCADA systems, ACM SIGBED Review, v.5 n.2, p.1-4, July 2008
	Jonathan M. McCune , Bryan J. Parno , Adrian Perrig , Michael K. Reiter , Hiroshi Isozaki, Flicker: an execution infrastructure for tcb minimization, ACM SIGOPS Operating Systems Review, v.42 n.4, May 2008
	Jason Franklin , Mark Luk , Jonathan M. McCune , Arvind Seshadri , Adrian Perrig , Leendert van Doorn, Remote detection of virtual machine monitors with fuzzy benchmarking, ACM SIGOPS Operating Systems Review, v.42 n.3, April 2008
	Jonathan M. McCune , Bryan Parno , Adrian Perrig , Michael K. Reiter , Arvind Seshadri, How low can you go?: recommendations for hardware-supported minimal TCB code execution, ACM SIGARCH Computer Architecture News, v.36 n.1, March 2008
	Jonathan Appavoo , Volkmar Uhlig , Amos Waterland, Project Kittyhawk: building a global-scale computer: Blue Gene/P as a generic computing platform, ACM SIGOPS Operating Systems Review, v.42 n.1, January 2008
	Prashant Dewan , David Durham , Hormuzd Khosravi , Men Long , Gayathri Nagabhushan, A hypervisor-based system for protecting software runtime memory and persistent storage, Proceedings of the 2008 Spring simulation multiconference, April 14-17, 2008, Ottawa, Canada
	Ajay Surie , Adrian Perrig , Mahadev Satyanarayanan , David J. Farber, Rapid Trust Establishment for Pervasive Personal Computing, IEEE Pervasive Computing, v.6 n.4, p.24-30, October 2007
	Scott Garriss , Rámon Cáceres , Stefan Berger , Reiner Sailer , Leendert van Doorn , Xiaolan Zhang, Trustworthy and personalized computing on public kiosks, Proceeding of the 6th international conference on Mobile systems, applications, and services, June 17-20, 2008, Breckenridge, CO, USA
	Nishkam Ravi , Chandra Narayanaswami , Mandayam Raghunath , Marcel-Catalin Rosu, Securing Pocket Hard Drives, IEEE Pervasive Computing, v.6 n.4, p.18-23, October 2007
	Liang Gu , Xuhua Ding , Robert Huijie Deng , Bing Xie , Hong Mei, Remote attestation on program execution, Proceedings of the 3rd ACM workshop on Scalable trusted computing, October 31-31, 2008, Alexandria, Virginia, USA
	Dries Schellekens , Brecht Wyseur , Bart Preneel, Remote attestation on legacy operating systems with trusted platform modules, Science of Computer Programming, v.74 n.1-2, p.13-22, December, 2008
	Michael Maaser , Peter Langendörfer, Privacy from promises to protection: privacy guaranteeing execution container, Mobile Networks and Applications, v.14 n.1, p.65-81, February 2009
	Mariano Ceccato , Mila Dalla Preda , Jasvir Nagra , Christian Collberg , Paolo Tonella, Trading-off security and performance in barrier slicing for remote software entrusting, Automated Software Engineering, v.16 n.2, p.235-261, June 2009
	Mariano Ceccato , Paolo Tonella , Mila Dalla Preda , Anirban Majumdar, Remote software protection by orthogonal client replacement, Proceedings of the 2009 ACM symposium on Applied Computing, March 08-12, 2009, Honolulu, Hawaii
	Ramakrishna Gummadi , Hari Balakrishnan , Petros Maniatis , Sylvia Ratnasamy, Not-a-Bot: improving service availability in the face of botnet attacks, Proceedings of the 6th USENIX symposium on Networked systems design and implementation, p.307-320, April 22-24, 2009, Boston, Massachusetts