Exploiting Instruction Streams To Prevent Intrusion

Milena Milenkovic

Outline
  • Introduction
  • Related Work
  • Trusted Instruction Execution Framework
  • The Framework Potential
  • Conclusion
Introduction
  • Most of today’s computers are connected to the Internet,
  • Even more in the future, including embedded devices
  • One of the major security problems: the execution of unauthorized code
  • A lot of applications may be vulnerable
  • Attack examples:
    • buffer overflow (heap, stack)
    • format string attack
  • Stack-smashing
  • One solution: allow only execution of trusted instructions
  • Trusted instructions – with a valid signature
  • Previous research: limited number of instruction streams (dynamic basic blocks)
  • Use basic block signatures: run-time verification of the last basic block in an instruction stream
  • Signatures calculated during trusted installation
Related Work
  • Two categories:
    • Static source code analysis
    • Dynamic detection/prevention
  • Static code analysis: false alarms
  • Dynamic
    • Secure Program Execution Framework (SPEF)
    • Tag “spurious” data
    • Monitoring program “behavior” (system calls, performance monitoring registers)
    • Split stack for data/addresses, or secure stack
    • Compilers, compiler and library patches
Related Work
  • Most related – SPEF: a given program binary has numerous representations with the same functionality
  • During installation, each instruction block is transformed; the transformation is verified at run time
    • compute transformation-invariant hash of the instruction block
    • encrypt the hash value with the secret key
    • use encrypted value to select a transformation (e.g., a particular instruction order in case of instruction scheduling)
  • 7.5%-17.1% increased execution time, Mediabench
  • Also related: tamper-proof techniques, but different granularity
Trusted Instruction Execution
  • Requirements:
    • prevent the execution of unauthorized code
    • the security features should not significantly increase the program execution time
  • This project: proposes a framework that satisfies requirements
Trusted Instruction Execution
  • Atomic code unit protected by its signature: a basic block
  • Verify all basic blocks?
  • It is enough to verify the signature of the last basic block (LBB) in the instruction stream, when LBB generated a cache miss
  • Signatures on hard disk: encrypted
Architecture for Trusted Computing

BBST – Basic Block Signature Table

BBST_M – Basic Block Signature Table (Memory)

BBSVU – Basic Block Signature Verification Unit
Signature Generation
  • MISR (Multiple input signature register)
  • Linear feedback coefficients – based on the processor secret key
Phases of the Security Mechanism
  • Compilation and program installation
    • Signature table (BBST_M) is generated, encrypted and appended to the program binary
  • Program loading in the memory
    • BBST_M is decrypted, loaded in the memory
  • Program execution
    • Signature of each last basic block with cache miss is verified
    • If no match, generate trap to OS – kill process
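
The signature generation and run-time check from the two slides above, as an added software model that is not code from the presentation. The `TAPS` constant (standing in for the key-derived feedback coefficients), the table layout, the lookup by block address and the sample instruction words are all assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the feedback coefficients that the slides derive
   from the processor secret key. Bit 0 is set so the feedback step is invertible. */
#define TAPS 0x04C11DB7u

typedef struct { uint32_t addr; uint32_t sig; } bbst_entry;  /* hypothetical layout */

/* One MISR clock: shift, apply feedback if the top bit falls out, fold in one word. */
static uint32_t misr_step(uint32_t state, uint32_t taps, uint32_t word) {
    uint32_t fb = (state & 0x80000000u) ? taps : 0u;
    return (state << 1) ^ fb ^ word;
}

/* Signature of a basic block: every instruction word passes through the MISR. */
uint32_t bb_signature(const uint32_t *insn, size_t n, uint32_t taps) {
    uint32_t s = 0;
    for (size_t i = 0; i < n; i++) s = misr_step(s, taps, insn[i]);
    return s;
}

/* Run-time check for a last basic block (LBB) that missed in the I-cache.
   Returns 1 on a signature match, 0 where the trap to the OS would be raised. */
int verify_lbb(const bbst_entry *tbl, size_t entries, uint32_t addr,
               const uint32_t *insn, size_t n, uint32_t taps) {
    uint32_t sig = bb_signature(insn, n, taps);
    for (size_t i = 0; i < entries; i++)
        if (tbl[i].addr == addr) return tbl[i].sig == sig;
    return 0;  /* no signature on record: treat as untrusted */
}

/* Constructed sample: a four-word basic block at a made-up address. */
static const uint32_t BLOCK[4] = {0x47FF0401u, 0x203F0010u, 0x40220403u, 0x6BFA8001u};

int demo(int tamper) {
    /* "Installation": the signature is computed once over the trusted code. */
    bbst_entry table[1] = {{0x12000100u, bb_signature(BLOCK, 4, TAPS)}};
    uint32_t fetched[4];
    for (int i = 0; i < 4; i++) fetched[i] = BLOCK[i];
    if (tamper) fetched[1] ^= 0x00000100u;  /* one bit changed after installation */
    return verify_lbb(table, 1, 0x12000100u, fetched, 4, TAPS);
}

int main(void) {
    printf("intact: %d, modified: %d\n", demo(0), demo(1));
    return 0;
}
```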
The Framework Potential
  • 32-bit MISR
  • I-cache: 4 ways, 128 sets, 64B line
  • BBST: 4 ways, 4B line, 128/256 sets
  • LRU replacement
  • Traces of SPEC CPU2000 benchmarks for Alpha architecture
    • F2B, M2B segments
    • 10 integer (CINT), 11 floating-point benchmarks (CFP)
The Framework Potential
  • Also measured:
    • the number of instruction cache misses
    • the number of BBST accesses
  • The number of BBST misses – very small
  • Trusted instruction overhead will not significantly hurt performance
Conclusion
  • Proposed a framework for trusted instruction execution, evaluated potential
  • Promises to be faster than SPEF, with additional hardware resources and BBST appended to program binary
  • Future work:
    • assess different BBST organizations
    • preload BBST?
    • simulate execution time
    • evaluate an alternative implementation: signature embedded in the code