Mostrar el registro sencillo del ítem

Leveraging speculative architectures for runtime program validation

dc.creatorSantos J.C.M.
dc.creatorFei Y.
dc.date.accessioned2020-03-26T16:32:53Z
dc.date.available2020-03-26T16:32:53Z
dc.date.issued2013
dc.identifier.citationTransactions on Embedded Computing Systems; Vol. 13, Núm. 1
dc.identifier.issn15399087
dc.identifier.urihttps://hdl.handle.net/20.500.12585/9074
dc.description.abstractProgram execution can be tampered with by malicious attackers through exploiting software vulnerabilities. Changing the program behavior by compromising control data and decision data has become the most serious threat in computer system security. Although several hardware approaches have been presented to validate program execution, they either incur great hardware overhead or introduce false alarms. We propose a new hardware-based approach by leveraging the existing speculative architectures for runtime program validation. The on-chip branch target buffer (BTB) is utilized as a cache of the legitimate control flow transfers stored in a secure memory region. In addition, the BTB is extended to store the correct program path information. At each indirect branch site, the BTB is used to validate the decision history of previous conditional branches and monitor the following execution path at runtime. Implementation of this approach is transparent to the upper operating system and programs. Thus, it is applicable to legacy code. Because of good code locality of the executable programs and effectiveness of branch prediction, the frequency of control-flow validations against the secure off-chip memory is low. Our experimental results show a negligible performance penalty and small storage overhead. © 2013 ACM.eng
dc.format.mediumRecurso electrónico
dc.format.mimetypeapplication/pdf
dc.language.isoeng
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/4.0/
dc.sourcehttps://www.scopus.com/inward/record.uri?eid=2-s2.0-84883857670&doi=10.1145%2f2512456&partnerID=40&md5=64152a241d75d7cc5bec7937d4c39862
dc.titleLeveraging speculative architectures for runtime program validation
dcterms.bibliographicCitationArora, D., Ravi, S., Raghunathan, A., Jha, N.K., Secure embedded processing through hardwareassisted run-time monitoring (2005) Proceedings of the Conference on Design, Automation & Test, pp. 178-183
dcterms.bibliographicCitationAustin, T., Larson, E., Ernst, D., SimpleScalar: An infrastructure for computer system modeling (2002) Comput, 35 (2), pp. 59-67
dcterms.bibliographicCitationBorin, E., Wang, C., Wu, Y., Araujo, G., Dynamic binary control-flow errors detection (2005) ACM SIGARCH Comput. Architect. News, 33 (5), pp. 15-20
dcterms.bibliographicCitationChiueh, T.-C., Hsu, F.-H., RAD: A compile-time solution to buffer overflow attacks (2001) Proceedings of the International Conference on Distributed Computing Systems, pp. 409-417
dcterms.bibliographicCitationCowen, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Zhang, Q., StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks (1998) Proceedings of the USENIX Security Symposium, pp. 63-78
dcterms.bibliographicCitationCrandall, J.R., Wu, S.F., Chong, F.T., Minos: Architectural support for protecting control data (2006) ACM Tran. Architect. Code Optim, 3 (4), pp. 359-389
dcterms.bibliographicCitationDalton, M., Kannan, H., Kozyrakis, C., Raksha: A flexible flow architecture for software security (2007) Proceedings of the International Symposium on Computer Architecture, pp. 482-293
dcterms.bibliographicCitationFei, Y., Shi, Z.J., Microarchitectural support for program code integrity monitoring in applicationspecific instruction set processors (2007) Proceedings of the Design Automation & Test Europe Conference, pp. 815-820
dcterms.bibliographicCitationFeng, H.H., Giffin, J.T., Huang, Y., Jha, S., Lee, W., Miller, B.P., Formalizing sensitivity in static analysis for intrusion detection (2004) Proceedings of the IEEE Symposium on Security & Privacy, pp. 194-208
dcterms.bibliographicCitationForrest, S., Hofmeyr, S.A., Somayaji, A., Longstaff, T.A., A sense of self for UNIX processes (1996) Proceedings of the IEEE Symposium on Security & Privacy, pp. 120-128
dcterms.bibliographicCitationFrantzen, M., Shuey, M., StackGhost: Hardware facilitated stack protection (2001) Proceedings of the USENIX Security Symposium, pp. 55-66
dcterms.bibliographicCitationGuthaus, M., Ringenberg, J., Austin, T., Mudge, T., Brown, R., MiBench: A free, commercially representative embedded benchmark suite (2001) Proceedings of the IEEE International Workshop on Workload Characterization, pp. 3-14
dcterms.bibliographicCitationJimenez, D.A., Piecewise linear branch prediction (2005) Proceedings of the IEEE International Symposium on Computer Architecture, pp. 382-393
dcterms.bibliographicCitationLee, C.-C., Chen, I.-C.K., Mudge, T.N., The bi-mode branch predictor (1997) Proceedings of the ACM/IEEE International Symposium on Microarchitecture, pp. 4-13
dcterms.bibliographicCitationLee, R., Karig, D.K., McGregor, J.P., Shi, Z., Enlisting hardware architecture to thwart malicious code injection (2003) Proceedings of the International Conference on Security in Pervasive Computing, pp. 237-252
dcterms.bibliographicCitationLin, H., Guan, X., Fei, Y., Shi, Z.J., Compiler-assisted architectural support for program code integritymonitoring in application-specific instruction set processors (2007) Proceedings of the International Conference on Computer Design
dcterms.bibliographicCitationMao, S., Wolf, T., Hardware support for secure processing in embedded systems (2007) Proceedings of the Design Automation Conference, pp. 483-488
dcterms.bibliographicCitationMartinez Santos, J.C., Fei, Y., Leveraging speculative architectures for run-time program validation (2008) Proceedings of the International Conference on Computer Design, pp. 498-505
dcterms.bibliographicCitationMichael, C., Ghosh, A., Using finite automata to mine execution data for intrusion detection: A preliminary report (2000) Proceedings of the International Workshop on Recent Advances in Intrusion Detection, 1907, pp. 66-79
dcterms.bibliographicCitationOne, A., Smashing the stack for fun and profit (1996) Phrack, 7, p. 49
dcterms.bibliographicCitationPark, Y., Zhang, Z., Lee, G., Microarchitectural protection against stack-based buffer overflow attacks (2006) IEEE Micro, 26 (4), pp. 62-71
dcterms.bibliographicCitationPerleberg, C., Smith, A.J., Branch target buffer design and optimization (1993) IEEE Trans. Comput, 42 (4), pp. 396-412
dcterms.bibliographicCitationPyo, C., Lee, G., Encoding function pointers and memory arrangement checking against buffer overflow attacks (2002) Proceedings of the International Conference on Information & Communications Security, 2513, pp. 25-36
dcterms.bibliographicCitationRagel, R., Parameswaran, S., Hardware assisted preemptive control flow checking for embedded processors to improve reliability (2006) Proceedings of the International Conference on Hardware/Software Codesign & System Synthesis, pp. 100-105
dcterms.bibliographicCitationShi, W., Fryman, J., Gu, G., Lee, H.-H., Zhang, Y., Yang, J., InfoShield: A security architecture for protecting information usage in memory (2006) Proceedings of the International Symposium on High-Performance Computer Architecture, pp. 222-231
dcterms.bibliographicCitationShi, Y., Dempsey, S., Lee, G., Architectural support for run-time validation of control flow transfer (2006) Proceedings of the International Conference on Computer Design, pp. 506-513
dcterms.bibliographicCitationShi, Y., Lee, G., Augmenting branch predictor to secure program execution (2007) Proceedings of the IEEE/IFIP International Conference on Dependable Systems & Networks, pp. 10-19
dcterms.bibliographicCitationSuh, G.E., Lee, J.W., Zhang, D., Devadas, S., Secure program execution via dynamic information flow tracking (2004) Proceedings of the International Conference on Architectural Support for Programming Languages & Operating Systems, pp. 85-96
dcterms.bibliographicCitationThomas, R., Franklin, M., Wilkerson, C., Stark, J., Improving branch prediction by dynamic dataflow-based identification of correlated branches from a large global history (2003) Proceedings of the Interenational Symposium on Computer Architecture, pp. 314-323
dcterms.bibliographicCitationTuck, N., Cadler, B., Varghese, G., Hardware and binary modification support for code pointer protection from buffer overflow (2004) Proceedings of the International Symposium on Microarchitecture, pp. 209-220
dcterms.bibliographicCitationVachharajani, N., Bridges, M.J., Chang, J., Rangan, R., Ottoni, G., Blome, J.A., Reis, G.A., August, D.I., RIFLE: An architectural framework for user-centric information-flow security (2004) Proceedings of the International Symposium on Microarchitecture, pp. 243-254
dcterms.bibliographicCitationWilander, J., Kamkar, M., A comparison of publicly available tools for static intrusion prevention (2002) Proceedings of the 7th Nordic Workshop on Secure IT Systems (NordSec'02), p. 68
dcterms.bibliographicCitationXu, J., Nakka, N., Defeating memory corruption attacks via pointer taintedness detection (2005) Proceedings of the International Conference on Dependable Systems & Networks, pp. 378-387
dcterms.bibliographicCitationYe, D., Kaeli, D., A reliable return address stack: Microarchitectural features to defeat stack smashing (2005) Proceedings of the Workshop on Architectural Support for Security & Antivirus, pp. 73-88
dcterms.bibliographicCitationZhang, T., Zhuang, X., Pande, S., Lee, W., Anomalous path detection with hardware support (2005) Proceedings of the International Conference on Compilers, Architecture, & Synthesis for Embedded Systems, pp. 43-54
datacite.rightshttp://purl.org/coar/access_right/c_16ec
oaire.resourceTypehttp://purl.org/coar/resource_type/c_6501
oaire.versionhttp://purl.org/coar/version/c_970fb48d4fbd8a85
dc.type.driverinfo:eu-repo/semantics/article
dc.type.hasversioninfo:eu-repo/semantics/publishedVersion
dc.identifier.doi10.1145/2512456
dc.subject.keywordsControl flow validation
dc.subject.keywordsProgram validation
dc.subject.keywordsSecurity attacks
dc.subject.keywordsBranch target buffers
dc.subject.keywordsComputer system security
dc.subject.keywordsControl flows
dc.subject.keywordsHardware-based approach
dc.subject.keywordsPerformance penalties
dc.subject.keywordsProgram validation
dc.subject.keywordsSecurity attacks
dc.subject.keywordsSoftware vulnerabilities
dc.subject.keywordsDigital storage
dc.subject.keywordsHardware
dc.rights.accessrightsinfo:eu-repo/semantics/restrictedAccess
dc.rights.ccAtribución-NoComercial 4.0 Internacional
dc.identifier.instnameUniversidad Tecnológica de Bolívar
dc.identifier.reponameRepositorio UTB
dc.type.spaArtículo
dc.identifier.orcid26325154200
dc.identifier.orcid7103059457


Ficheros en el ítem

FicherosTamañoFormatoVer

No hay ficheros asociados a este ítem.

Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem

http://creativecommons.org/licenses/by-nc-nd/4.0/
http://creativecommons.org/licenses/by-nc-nd/4.0/

Universidad Tecnológica de Bolívar - 2017 Institución de Educación Superior sujeta a inspección y vigilancia por el Ministerio de Educación Nacional. Resolución No 961 del 26 de octubre de 1970 a través de la cual la Gobernación de Bolívar otorga la Personería Jurídica a la Universidad Tecnológica de Bolívar.