A high-performance, low-overhead microarchitecture for secure program execution

Kanuparthi, Arun K.; Karri, Ramesh; Ormazabal, Gaston; Addepalli, Sateesh

doi:10.1109/iccd.2012.6378624

Cited by 14 publications

(14 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This assignment process is shown in Figure 2(c). After the matching 2 Though we arbitrarily chose zero, any code can be assigned to the root. is complete, the nodes in G are assigned Hamming codes as shown in Figure 2(d).…”

Section: B Compile Time Preprocessingmentioning

confidence: 99%

“…These attacks are successful because most programs are written in type-unsafe languages (such as C, or C++) that do not enforce bounds-checking on data inputs. Such attacks can be detected using techniques such as Write xor eXecute (W⊕X), Address Space Layout Randomization (ASLR), stack canaries, and other runtime integrity checking techniques [1], [2]. Attackers can bypass these mechanisms using code reuse attacks (CRAs), such as Return Oriented Programming (ROP), by exploiting vulnerabilities in the above techniques [3].…”

Section: Introductionmentioning

confidence: 99%

“…These include software-based control flow integrity techniques such as [4], [5], [6], [7], [8], and hardware-based techniques such as [2], [9], [10], [11], [12], [13], [14]. However, these approaches either do not protect against CRAs or suffer from high performance overheads.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Controlling your control flow graph

Kanuparthi

Rajendran²,

Karri

2016

2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

Self Cite

View full text Add to dashboard Cite

Code Reuse Attacks (CRAs) are software exploits in which an attacker directs program control flow through existing code without injecting malicious code to achieve his objective. In this paper, we propose Dynamic Sequence Checker (DSC), a framework to verify the validity of control flow between basic blocks in the program. Unique codes are assigned to every basic block in the program at compile time in such a way that the Hamming distance between two legally connected basic blocks is a known constant. At runtime, Hamming distance between the codes assigned to the source and destination basic blocks are calculated and compared against the known constant, to verify the control flow. Execution is aborted if the Hamming distance comparison does not match. We implemented DSC on a cycle-accurate x86 simulator. DSC has been able to detect all the CRA gadgets reported by the ROPGadget tool. The average performance overhead is 4.7% over a baseline processor.

show abstract

Section: B Compile Time Preprocessingmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Controlling your control flow graph

Kanuparthi

Rajendran²,

Karri

2016

2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

Self Cite

View full text Add to dashboard Cite

show abstract

“…However, in our application scenario, heart rates are typically generated within 0.5-2.5 s and thus no further optimizations to the detection times are needed. Thus, when comparing our performance results with similar work where code integrity is checked via hardware monitors [26][27][28], our approach presents a faster detection response with the ability to detect zero-day malware without imposing significant performance degradation on the embedded target processor. As shown in [26], using hashes of basic blocks for checking instruction integrity imposes a substantial overhead.…”

Section: Performance Analysismentioning

confidence: 99%

“…In these presented approaches, the methods to detect anomalies depend on monitoring the control flow execution of an application [7,8,24,25] or rely on instruction-based monitoring [26][27][28]. In the former, static analysis of expected program behavior is extracted and then used by hardware monitors to observe the program's execution trace.…”

Section: Prior Workmentioning

confidence: 99%

Hardware-Based Run-Time Code Integrity in Embedded Devices

2018

View full text Add to dashboard Cite

Attacks on embedded devices are becoming more and more prevalent, primarily due to the extensively increasing plethora of software vulnerabilities. One of the most dangerous types of these attacks targets application code at run-time. Techniques to detect such attacks typically rely on software due to the ease of implementation and integration. However, these techniques are still vulnerable to the same attacks due to their software nature. In this work, we present a novel hardware-assisted run-time code integrity checking technique where we aim to detect if executable code resident in memory is modified at run-time by an adversary. Specifically, a hardware monitor is designed and attached to the device's main memory system. The monitor creates page-based signatures (hashes) of the code running on the system at compile-time and stores them in a secure database. It then checks for the integrity of the code pages at run-time by regenerating the page-based hashes (with data segments zeroed out) and comparing them to the legitimate hashes. The goal is for any modification to the binary of a user-level or kernel-level process that is resident in memory to cause a comparison failure and lead to a kernel interrupt which allows the affected application to halt safely.

show abstract

ShadowStack: A new approach for secure program execution

Ferreira

Vargas

2015

Microelectronics Reliability

View full text Add to dashboard Cite

A high-performance, low-overhead microarchitecture for secure program execution

Cited by 14 publications

References 9 publications

Controlling your control flow graph

Controlling your control flow graph

Hardware-Based Run-Time Code Integrity in Embedded Devices

ShadowStack: A new approach for secure program execution

Contact Info

Product

Resources

About