Abstract:
Preventing the execution of unauthorized software on a given computer plays a pivotal role in system security. The key problem is that although a program can be verified as authentic at the beginning of its execution, while it is running its execution flow can be redirected to externally injected malicious code, for example by a buffer overflow exploit. Existing techniques address this problem by trying to detect the intrusion at run-time or by formally verifying that the software is not prone to a particular attack. We take a radically different approach to this problem. We aim at intrusion prevention as the core technology for enabling secure computing systems. Intrusion prevention systems force an adversary to solve a computationally hard task in order to create a binary that can be executed on a given machine. In this paper, we present an example of such a system, SPEF, a combination of architectural and compilation techniques that ensure software integrity at run-time. SPEF embeds encrypted, processor-specific constraints into each block of instructions at software installation time and then verifies their existence at run-time. Thus, the processor can execute only properly installed programs, which makes installation the only system gate that needs to be protected. We have designed a SPEF prototype based on the ARM instruction set and validated its impact on security and performance using the MediaBench suite of applications.
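As an added illustration (not the paper's own design or code), the following Python models the installation gate described above: each fixed-size block of instruction words is tagged at installation time under a key only this processor holds, and at run-time a block executes only if its tag verifies. The keyed MAC, the block size, and the processor key are all assumptions standing in for the paper's encrypted, processor-specific constraints; the point shown is that injected code and software installed for a different processor are both refused.

```python
import hashlib
import hmac
import secrets

BLOCK_WORDS = 4  # instruction words per verified block (assumed; not the paper's value)

# Constructed stand-in for a processor-unique secret that only the "processor" holds.
PROCESSOR_KEY = secrets.token_bytes(32)


def split_blocks(code: bytes, block_words: int = BLOCK_WORDS) -> list:
    """Split a flat stream of 4-byte ARM-style instruction words into fixed-size blocks."""
    step = 4 * block_words
    return [code[i:i + step] for i in range(0, len(code), step)]


def constraint_tag(block: bytes, key: bytes) -> bytes:
    """Model of the per-block, processor-specific constraint (assumption: an HMAC tag)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:8]


def install(code: bytes, key: bytes) -> list:
    """Installation-time gate: every block is paired with its tag under this processor's key."""
    return [(blk, constraint_tag(blk, key)) for blk in split_blocks(code)]


def execute(image: list, key: bytes) -> list:
    """Run-time check: a block is 'executed' (collected) only if its tag verifies."""
    executed = []
    for blk, tag in image:
        if not hmac.compare_digest(tag, constraint_tag(blk, key)):
            raise PermissionError("block rejected: not installed for this processor")
        executed.append(blk)
    return executed


def tamper_results() -> tuple:
    """Returns (injected_code_blocked, foreign_install_blocked) for two attack models."""
    program = bytes(range(64))  # constructed 16-word "program"
    image = install(program, PROCESSOR_KEY)
    # Injected code never passed through installation: foreign bytes under a reused tag.
    injected = [(b"\xff" * 16, image[0][1])]
    # A correctly installed image, but for a different processor (different key).
    foreign = install(program, b"\x01" * 32)
    outcomes = []
    for candidate in (injected, foreign):
        try:
            execute(candidate, PROCESSOR_KEY)
            outcomes.append(False)
        except PermissionError:
            outcomes.append(True)
    return tuple(outcomes)
```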