Static secure page allocation for light-weight dynamic information flow tracking

Dynamic information flow tracking (DIFT) is an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. However, many software approaches suffer large performance degradation, and hardware approaches have high logic and storage overhead. We propose a f...

Full description

Autores:

Tipo de recurso:

Fecha de publicación:: 2012

Institución:: Universidad Tecnológica de Bolívar

Repositorio:: Repositorio Institucional UTB

Idioma:: eng

id	UTB2_0dff0f819d809e39fbefb6b137879967
oai_identifier_str	oai:repositorio.utb.edu.co:20.500.12585/9091
network_acronym_str	UTB2
network_name_str	Repositorio Institucional UTB
repository_id_str
dc.title.none.fl_str_mv	Static secure page allocation for light-weight dynamic information flow tracking
title	Static secure page allocation for light-weight dynamic information flow tracking
spellingShingle	Static secure page allocation for light-weight dynamic information flow tracking Dynamic information flow tracking Security attacks Static control flow analysis Critical information Dynamic information flow tracking Hardware-software codesign High level semantics Light weight Memory corruption Memory overheads Memory pages Page allocation Performance degradation Security attacks Security countermeasures Software approach Static control Storage overhead System calls Embedded systems Hardware Program compilers Semantics Digital storage
title_short	Static secure page allocation for light-weight dynamic information flow tracking
title_full	Static secure page allocation for light-weight dynamic information flow tracking
title_fullStr	Static secure page allocation for light-weight dynamic information flow tracking
title_full_unstemmed	Static secure page allocation for light-weight dynamic information flow tracking
title_sort	Static secure page allocation for light-weight dynamic information flow tracking
dc.subject.keywords.none.fl_str_mv	Dynamic information flow tracking Security attacks Static control flow analysis Critical information Dynamic information flow tracking Hardware-software codesign High level semantics Light weight Memory corruption Memory overheads Memory pages Page allocation Performance degradation Security attacks Security countermeasures Software approach Static control Storage overhead System calls Embedded systems Hardware Program compilers Semantics Digital storage
topic	Dynamic information flow tracking Security attacks Static control flow analysis Critical information Dynamic information flow tracking Hardware-software codesign High level semantics Light weight Memory corruption Memory overheads Memory pages Page allocation Performance degradation Security attacks Security countermeasures Software approach Static control Storage overhead System calls Embedded systems Hardware Program compilers Semantics Digital storage
description	Dynamic information flow tracking (DIFT) is an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. However, many software approaches suffer large performance degradation, and hardware approaches have high logic and storage overhead. We propose a flexible and light-weight hardware/software co-design approach to perform DIFT based on secure page allocation. Instead of associating every data with a taint tag, we aggregate data according to their taints, i.e., putting data with different attributes in separate memory pages. Our approach is a compiler-aided process with architecture support. The implementation and analysis show that the memory overhead is little, and our approach can protect critical information, including return address, indirect jump address, and system call IDs, from being overwritten by malicious users. Copyright 2012 ACM.
publishDate	2012
dc.date.issued.none.fl_str_mv	2012
dc.date.accessioned.none.fl_str_mv	2020-03-26T16:32:55Z
dc.date.available.none.fl_str_mv	2020-03-26T16:32:55Z
dc.type.coarversion.fl_str_mv	http://purl.org/coar/version/c_970fb48d4fbd8a85
dc.type.coar.fl_str_mv	http://purl.org/coar/resource_type/c_c94f
dc.type.driver.none.fl_str_mv	info:eu-repo/semantics/conferenceObject
dc.type.hasVersion.none.fl_str_mv	info:eu-repo/semantics/publishedVersion
dc.type.spa.none.fl_str_mv	Conferencia
status_str	publishedVersion
dc.identifier.citation.none.fl_str_mv	CASES'12 - Proceedings of the 2012 ACM International Conference on Compilers, Architectures and Synthesis for Embedded Systems, Co-located with ESWEEK; pp. 27-36
dc.identifier.isbn.none.fl_str_mv	9781450314244
dc.identifier.uri.none.fl_str_mv	https://hdl.handle.net/20.500.12585/9091
dc.identifier.doi.none.fl_str_mv	10.1145/2380403.2380415
dc.identifier.instname.none.fl_str_mv	Universidad Tecnológica de Bolívar
dc.identifier.reponame.none.fl_str_mv	Repositorio UTB
dc.identifier.orcid.none.fl_str_mv	26325154200 7103059457 35225236800
identifier_str_mv	CASES'12 - Proceedings of the 2012 ACM International Conference on Compilers, Architectures and Synthesis for Embedded Systems, Co-located with ESWEEK; pp. 27-36 9781450314244 10.1145/2380403.2380415 Universidad Tecnológica de Bolívar Repositorio UTB 26325154200 7103059457 35225236800
url	https://hdl.handle.net/20.500.12585/9091
dc.language.iso.none.fl_str_mv	eng
language	eng
dc.relation.conferenceplace.none.fl_str_mv	Tampere
dc.relation.conferencedate.none.fl_str_mv	7 October 2012 through 12 October 2012
dc.rights.coar.fl_str_mv	http://purl.org/coar/access_right/c_16ec
dc.rights.uri.none.fl_str_mv	http://creativecommons.org/licenses/by-nc-nd/4.0/
dc.rights.accessRights.none.fl_str_mv	info:eu-repo/semantics/restrictedAccess
dc.rights.cc.none.fl_str_mv	Atribución-NoComercial 4.0 Internacional
rights_invalid_str_mv	http://creativecommons.org/licenses/by-nc-nd/4.0/ Atribución-NoComercial 4.0 Internacional http://purl.org/coar/access_right/c_16ec
eu_rights_str_mv	restrictedAccess
dc.format.medium.none.fl_str_mv	Recurso electrónico
dc.format.mimetype.none.fl_str_mv	application/pdf
dc.source.none.fl_str_mv	https://www.scopus.com/inward/record.uri?eid=2-s2.0-84869031279&doi=10.1145%2f2380403.2380415&partnerID=40&md5=43847ed3df6018aa90812c8dcf0c6dff Scopus2-s2.0-84869031279
institution	Universidad Tecnológica de Bolívar
dc.source.event.none.fl_str_mv	2012 ACM International Conference on Compilers, Architectures and Synthesis for Embedded Systems, CASES 2012, Co-located with 8th Embedded Systems Week, ESWEEK 2012
bitstream.url.fl_str_mv	https://repositorio.utb.edu.co/bitstream/20.500.12585/9091/1/MiniProdInv.png
bitstream.checksum.fl_str_mv	0cb0f101a8d16897fb46fc914d3d7043
bitstream.checksumAlgorithm.fl_str_mv	MD5
repository.name.fl_str_mv	Repositorio Institucional UTB
repository.mail.fl_str_mv	repositorioutb@utb.edu.co
_version_	1814021762898198528
spelling	2020-03-26T16:32:55Z2020-03-26T16:32:55Z2012CASES'12 - Proceedings of the 2012 ACM International Conference on Compilers, Architectures and Synthesis for Embedded Systems, Co-located with ESWEEK; pp. 27-369781450314244https://hdl.handle.net/20.500.12585/909110.1145/2380403.2380415Universidad Tecnológica de BolívarRepositorio UTB26325154200710305945735225236800Dynamic information flow tracking (DIFT) is an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. However, many software approaches suffer large performance degradation, and hardware approaches have high logic and storage overhead. We propose a flexible and light-weight hardware/software co-design approach to perform DIFT based on secure page allocation. Instead of associating every data with a taint tag, we aggregate data according to their taints, i.e., putting data with different attributes in separate memory pages. Our approach is a compiler-aided process with architecture support. The implementation and analysis show that the memory overhead is little, and our approach can protect critical information, including return address, indirect jump address, and system call IDs, from being overwritten by malicious users. Copyright 2012 ACM.ACM Spec. Interest Group Microarchitectural Res.;Process. (SIGMICRO);ACM Special Interest Group on Embedded Systems (SIGBED);ACM Special Interest Group on Design Automation (SIGDA)Recurso electrónicoapplication/pdfenghttp://creativecommons.org/licenses/by-nc-nd/4.0/info:eu-repo/semantics/restrictedAccessAtribución-NoComercial 4.0 Internacionalhttp://purl.org/coar/access_right/c_16echttps://www.scopus.com/inward/record.uri?eid=2-s2.0-84869031279&doi=10.1145%2f2380403.2380415&partnerID=40&md5=43847ed3df6018aa90812c8dcf0c6dffScopus2-s2.0-848690312792012 ACM International Conference on Compilers, Architectures and Synthesis for Embedded Systems, CASES 2012, Co-located with 8th Embedded Systems Week, ESWEEK 2012Static secure page allocation for light-weight dynamic information flow trackinginfo:eu-repo/semantics/conferenceObjectinfo:eu-repo/semantics/publishedVersionConferenciahttp://purl.org/coar/version/c_970fb48d4fbd8a85http://purl.org/coar/resource_type/c_c94fDynamic information flow trackingSecurity attacksStatic control flow analysisCritical informationDynamic information flow trackingHardware-software codesignHigh level semanticsLight weightMemory corruptionMemory overheadsMemory pagesPage allocationPerformance degradationSecurity attacksSecurity countermeasuresSoftware approachStatic controlStorage overheadSystem callsEmbedded systemsHardwareProgram compilersSemanticsDigital storageTampere7 October 2012 through 12 October 2012Santos J.C.M.Fei Y.Shi Z.J.Chang, W., Streiff, B., Lin, C., Efficient and extensible security enforcement using dynamic data flow analysis (2008) Proc. Conf. Computer & Communications Security, pp. 39-50. , OctChen, H., Wu, X., Yuan, L., Zang, B., Yew, P.-C., Chong, F.T., From speculation to security: Practical and efficient information flow tracking using speculative hardware (2008) Proc. Int. Symp. Computer Architecture, pp. 401-412. , JuneChen, S., Kozuch, M., Strigkos, T., Falsafi, B., Gibbons, P.B., Mowry, T.C., Ramachandran, V., Vlachos, E., Flexible hardware acceleration for instruction-grain program monitoring (2008) Proc. Int. Symp. Computer Architecture, pp. 377-388. , JunChiueh, T.-C., Hsu, F.-H., RAD: A compile-time solution to buffer overflow attacks (2001) Proc. Int Conf. Distributed Computing Systems, pp. 409-417. , AprCowen, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Zhang, Q., StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks (1998) Proc. USENIX Security Symp., pp. 63-78. , JanCrandall, J.R., Wu, S.F., Chong, F.T., Minos: Architectural support for protecting control data (2006) ACM Tran. Architecture & Code Optimization, 3 (4), pp. 359-389. , DecDalton, M., Kannan, H., Kozyrakis, C., Raksha: A flexible flow architecture for software security (2007) Proc. Int. Symp. Computer Architecture, pp. 482-293. , JuneFocus, S., (2001) Ssh crc-32 Compensation Attack Detector Vulnerability, , http://www.securityfocus.com/bid/2347/Frantzen, M., Shuey, M., StackGhost: Hardware facilitated stack protection (2001) Proc. USENIX Security Symp., pp. 55-66. , AugHo, A., Fetterman, M., Clark, C., Warfield, A., Hand, S., Practical taint-based protection using demand emulation (2006) EUROSYS '06Huang, R., Deng, D.Y., Suh, G.E., Orthrus: Efficient software integrity protection on multi-cores (2010) Comput. Archit. News, 38 (1), pp. 371-384(2010) Imperva. Securesphere and Owasp 2010 Top Ten Most Critical Web Application Security Risks, , http://www.imperva.com/docs/TB_SecureSphere_OWASP_2010-Top-Ten.pdfIsaev, I.K., Sidorov, D.V., The use of dynamic analysis for generation of input data that demonstrates critical bugs and vulnerabilities in programs (2010) Programming and Computer Software, 36 (4), pp. 225-236. , SeptKannan, H., Ordering decoupled metadata accesses in multiprocessors (2009) Proc. Int. Symp. Microarchitecture, pp. 381-390. , DecKatsunuma, S., Kurita, H., Shioya, R., Shimizu, K., Irie, H., Goshima, M., Sakai, S., Base address recognition with data flow tracking for injection attack detection (2006) Proc. Pacific Rim Inter. Symp. Dependable Computing, pp. 165-172. , DecLam, L.C., Chiueh, T.-C., A general dynamic information flow tracking framework for security applications (2006) Proc. Annual Computer Security Applications Conf., pp. 463-472. , DecLivshits, B., Martin, M., Lam, M.S., Securifly: Runtime protection and recovery from web application vulnerabilities (2006) Technical Report, Stanford UniversityMartinez Santos, J.C., Fei, Y., Leveraging speculative architectures for run-time program validation (2008) Proc. Int. Conf. Computer Design, pp. 498-505. , OctMartinez Santos, J.C., Fei, Y., Shi, Z.J., Pift: Efficient dynamic information flow tracking using secure page allocation (2009) Proc. WkShp on Embedded Systems Security, pp. 61-68. , OctNethercote, N., Seward, J., Valgrind: A framework for heavyweight dynamic binary instrumentation (2007) Proc. Conference on Programming Language Design & Implementation, pp. 89-100. , JunNightingale, E.B., Peek, D., Chen, P.M., Flinn, J., Parallelizing security checks on commodity hardware (2008) Proc. Int. Conf. Architectural Support for Programming Languages & Operating Systems, pp. 308-318. , MarPozza, D., Sisto, R., A lightweight security analyzer inside gcc (2008) Proc. Int. Conf. Availability, Reliability & Security, pp. 851-858Qin, F., Wang, C., Li, Z., Seop Kim, H., Zhou, Y., Wu, Y., LIFT: A low-overhead practical information flow tracking system for detecting security attacks (2006) IEEE/ACM Int. Symp. on Microarchitecture, pp. 135-148. , DecRuwase, O., Gibbons, P.B., Mowry, T.C., Ramachandran, V., Chen, S., Kozuch, M., Ryan, M., Parallelizing dynamic information flow tracking (2008) Proc. Annual Symp. Parallelism in Algorithms & Architectures, pp. 35-45. , JunShi, W., Fryman, J., Gu, G., Lee, H.-H., Zhang, Y., Yang, J., InfoShield: A security architecture for protecting information usage in memory (2006) Int. Symp. on High-Performance Computer Architecture, pp. 222-231. , FebSophia, I., Méditerranée, A., Antipolis, S., Secure slices of insecure programs categories and subject descriptors (2008) Language, pp. 112-122. , MarSotirov, A., (2005) Automatic Vulnerability Detection Using Static Source Code Analysis, , PhD thesis, University of Alabama(2000) SPEC CINT 2000, , http://www.spec.org/cpu2000/CINT2000/, BenchmarksSuh, G.E., Lee, J.W., Zhang, D., Devadas, S., Secure program execution via dynamic information flow tracking (2004) Proc. Int. Conf. on Architectural Support for Programming Languages & Operating Systems, pp. 85-96Vachharajani, N., Bridges, M.J., Chang, J., Rangan, R., Ottoni, G., Blome, J.A., Reis, G.A., August, D.I., RIFLE: An architectural framework for user-centric information-flow security (2004) Proc. Int. Symp. Microarchitecture, pp. 243-254Venkataramani, G., Doudalis, I., Solihin, Y., Prvulovic, M., Flexitaint: A programmable accelerator for dynamic taint propagation (2008) Proc. Int. Symp. High-Performance Computer Architecture, pp. 173-184. , FebWilander, J., Kamkar, M., (2002) A Comparison of Publicly Available Tools for Static Intrusion PreventionXu, J., Nakka, N., Defeating memory corruption attacks via pointer taintedness detection (2005) Proc. Int. Conf. on Dependable Systems & Networks, pp. 378-387Xu, W., Bhatkar, S., Sekar, R., Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks (2006) Proc. USENIX Security Symp., pp. 121-136. , July-AugYounan, Y., Joosen, W., Piessens, F., Efficient protection against heap-based buffer overflows without resorting to magic (2006) Proc. Int. Conf. on Information & Communication Security, , DecYounan, Y., Pozza, D., Piessens, F., Joosen, W., Extended protection against stack smashing attacks without performance loss (2006) Proc. Annual Computer Security Applications Conf., pp. 429-438. , Dechttp://purl.org/coar/resource_type/c_c94fTHUMBNAILMiniProdInv.pngMiniProdInv.pngimage/png23941https://repositorio.utb.edu.co/bitstream/20.500.12585/9091/1/MiniProdInv.png0cb0f101a8d16897fb46fc914d3d7043MD5120.500.12585/9091oai:repositorio.utb.edu.co:20.500.12585/90912021-02-02 14:07:02.198Repositorio Institucional UTBrepositorioutb@utb.edu.co

Static secure page allocation for light-weight dynamic information flow tracking

Publicaciones similares