Research
Publication date: 2014/12/13Conference Name: Proceedings of the 47th Annual IEEE/ACM International Symposium on MicroarchitecturePages: 229-241Publisher: IEEE Computer Society
DescriptionAbstract— The construction of trustworthy systems demands that the execution of every piece of code is validated as genuine, that is, the executed codes do exactly what they are supposed to do. Pre-execution validations of code integrity fail to detect run time compromises like code injection, return and jump-oriented programming, and illegal dynamic linking of program modules. We propose and evaluate a generalized mechanism called REV (for Run-time Execution Validator) that can be easily integrated into a contemporary out-of-order processor to validate, as the program executes, the control flow path and instructions executed along the control flow path. To prevent memory from being tainted by compromised code, REV also prevents updates to the memory from a basic block until its execution has been authenticated. Although control flow signature based authentication of an execution has been suggested before for software testing and for restricted cases of embedded systems, their extensions to out-of-order cores is a non-incremental effort from a microarchitectural standpoint. Unlike REV, the existing solutions do not scale with binary sizes, require binaries to be altered or require new ISA support and also fail to contain errors and, in general, impose a heavy performance penalty. We show, using a detailed cycle accurate micro architectural simulator for an out-of-order pipeline implementing the X86 ISA that the performance overhead of REV is limited to 1.87% on the average across the SPEC 2006 benchmarks.Keywords-component; Trusted Computing, Control-Flow Validation, Secure Execution, Control-Flow Integrity, Hardware Security, Computer Security- Publication date: 2012/10/9Patent office: USPatent number: 8285999Application number: 12/631839
DescriptionWith the widespread use of the distributed systems comes the need to secure such systems against a wide variety of threats. Recent security mechanisms are grossly inadequate in authenticating the program executions at the clients or servers, as the clients, servers and the executing programs themselves can be compromised after the clients and servers pass the authentication phase. A generic framework is provided for authenticating remote executions on a potentially untrusted remote server—essentially validating that what is … - Publication date: 2008/12/8Conference name: Computer Security Applications Conference, 2008. ACSAC 2008. AnnualPages: 453-462Publisher: IEEE
DescriptionAbstract With the widespread use of the distributed systems comes the need to secure such systems against a wide variety of threats. Recent security mechanisms are grossly inadequate in authenticating the program executions at the clients or servers, as the clients, servers and the executing programs themselves can be compromised after the clients and servers pass the authentication phase. This paper presents a generic framework for authenticating remote executions on a potentially untrusted remote server–essentially … - Publication date: 2013/11Institution: STATE UNIVERSITY OF NEW YORK AT BINGHAMTON
DescriptionAbstract: Constructing trustworthy computer systems requires validating that every executed
piece of code is genuine and that the programs do exactly what they are supposed to do.
However, pre-execution code integrity validations can fail to detect run-time compromises,
such as code injection, return and jump-oriented programming, and illegal linking of code to
compromised library functions. In this dissertation, we propose and investigate three distinct
mechanisms for authenticating code execution at run-time. The common goal of these … - Publication date: 2013/3/18Conference Name: Proceedings of the 28th Annual ACM Symposium on Applied ComputingPages: 1859-1866Publisher: ACM
DescriptionAbstract: We propose and experimentally evaluate a technique of authenticating the execution of a program through the continuous run-time validation of control flow. Control flow authentication is useful in detecting security violations that alter the normal flow of control at run time through techniques such as call stack smashing, return and jump-oriented programming. Our technique relies on the use of existing support for branch tracing in contemporary processors, typified by the branch trace store (BTS) mechanism of … - Publication date: 2012/2/15Conference Name: Parallel, Distributed and Network-Based Processing (PDP), 2012 20th Euromicro International Conference onPages: 359-367Publisher: IEEE
DescriptionAbstract: We address the problem of improving the energy efficiency of servers that provide web-based services, including services provided through clouds. We propose an automated technique for allocating workload to servers to operate the fewest number of servers that are needed to cope with the instantaneous workload, leaving some headroom for workload surges. The technique requires no a priori knowledge about individual workloads and manages the server states explicitly. We use synthetic scripts, a small server setup and …