ABSTRACT
Preventing execution of unauthorized software on a given computer plays a pivotal role in system security. The key problem is that although a program can be verified as authentic at the beginning of its execution, while it is running its execution flow can be redirected to externally injected malicious code using, for example, a buffer overflow exploit. Existing techniques address this problem by trying to detect the intrusion at run-time or by formally verifying that the software is not prone to a particular attack. We take a radically different approach to this problem. We aim at intrusion prevention as the core technology for enabling secure computing systems. Intrusion prevention systems force an adversary to solve a computationally hard task in order to create a binary that can be executed on a given machine. In this paper, we present an exemplary system, SPEF, a combination of architectural and compilation techniques that ensure software integrity at run-time. SPEF embeds encrypted, processor-specific constraints into each block of instructions at software installation time and then verifies their existence at run-time. Thus, the processor can execute only properly installed programs, which makes installation the only system gate that needs to be protected. We have designed a SPEF prototype based on the ARM instruction set and validated its impact on security and performance using the MediaBench suite of applications.
CITED BY 14
Milena Milenković, Aleksandar Milenković, Emil Jovanov. Hardware support for code integrity in embedded processors. Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems, September 24-27, 2005, San Francisco, California, USA.