Skip to main content
Springer Nature Link
Log in

MicroStache: A Lightweight Execution Context for In-Process Safe Region Isolation

  • Conference paper
  • First Online:
Research in Attacks, Intrusions, and Defenses (RAID 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11050))

Abstract

In this work we present, MicroStache, a specialized hardware mechanism and new process abstraction for accelerating safe region security solutions. In the safe region paradigm, an application is split into safe and unsafe parts. Unfortunately, frequent mixing of safe and unsafe operations stresses memory isolation mechanisms. MicroStache addresses this challenge by adding an orthogonal execution domain into the process abstraction, consisting of a memory segment and minimal instruction set. Unlike alternative hardware, MicroStache implements a simple microarchitectural memory segmentation scheme while integrating it with paging, and also extends the safe region abstraction to isolate data in the processor cache, allowing it to protect against cache side channel attacks. A prototype is presented that demonstrates how to automatically leverage MicroStache to enforce security polices, SafeStack and CPI, with 5% and 1.2% overhead beyond randomized isolation. Despite specialization, MicroStache enhances a growing and critical programming paradigm with minimal hardware complexity.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    http://www.gem5.org/SimpleCPU.

References

  1. Arnautov, S., et al.: SCONE: secure Linux containers with Intel SGX (2016)

    Google Scholar 

  2. Azab, A.M., et al.: Hypervision across worlds: real-time kernel protection from the ARM TrustZone secure world. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (2014)

    Google Scholar 

  3. Baumann, A., Peinado, M., Hunt, G.: Shielding applications from an untrusted cloud with Haven. ACM Trans. Comput. Syst. (TOCS) 33(3), 8 (2015)

    Article  Google Scholar 

  4. Binkert, N.: The gem5 simulator. ACM SIGARCH Comput. Archit. News 39(2), 1–7 (2011)

    Article  Google Scholar 

  5. Bletsch, T., Jiang, X., Freeh, V.W., Liang, Z.: Jump-oriented programming: a new class of code-reuse attack. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (2011)

    Google Scholar 

  6. Buchanan, E., Roemer, R., Savage, S., Shacham, H.: Return-oriented programming: exploitation without code injection. Black Hat 8 (2008)

    Google Scholar 

  7. Carlini, N., Barresi, A., Payer, M., Wagner, D., Gross, T.R.: Control-flow bending: on the effectiveness of control-flow integrity. In: USENIX Security Symposium (2015)

    Google Scholar 

  8. Carr, S.A., Payer, M.: DataShield: configurable data confidentiality and integrity. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (2017). https://doi.org/10.1145/3052973.3052983

  9. Castro, M., Costa, M., Harris, T.: Securing software by enforcing data-flow integrity. In: Proceedings of the 7th Symposium on Operating Systems Design and Implementation, pp. 147–160. USENIX Association (2006)

    Google Scholar 

  10. Christoulakis, N., Christou, G., Athanasopoulos, E., Ioannidis, S.: HCFI: hardware-enforced control-flow integrity. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy (2016)

    Google Scholar 

  11. Crane, S., et al.: Readactor: practical code randomization resilient to memory disclosure. In: IEEE Symposium on Security and Privacy (2015)

    Google Scholar 

  12. Criswell, J., Lenharth, A., Dhurjati, D., Adve, V.: Secure virtual architecture: a safe execution environment for commodity operating systems. In: ACM SIGOPS Operating Systems Review (2007)

    Google Scholar 

  13. Dautenhahn, N., Kasampalis, T., Dietz, W., Criswell, J., Adve, V.: Nested kernel: an operating system architecture for intra-kernel privilege separation. ACM SIGPLAN Not. 50(4), 191–206 (2015)

    Article  Google Scholar 

  14. Davi, L., Sadeghi, A.R., Winandy, M.: ROPdefender: a detection tool to defend against return-oriented programming attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 40–51. ACM (2011)

    Google Scholar 

  15. Devietti, J., Blundell, C., Martin, M.M., Zdancewic, S.: HardBound: architectural support for spatial safety of the C programming language. In: ACM SIGARCH Computer Architecture News (2008)

    Google Scholar 

  16. Dhawan, U., et al.: Architectural support for software-defined metadata processing. SIGARCH Comput. Archit. News 43(1), 487–502 (2015). https://doi.org/10.1145/2786763.2694383

    Article  Google Scholar 

  17. Evans, I., et al.: Missing the point (er): on the effectiveness of code pointer integrity. In: IEEE Symposium on Security and Privacy (2015)

    Google Scholar 

  18. Evtyushkin, D., Ponomarev, D., Abu-Ghazaleh, N.: Jump over ASLR: attacking branch predictors to bypass ASLR. In: 49th Annual IEEE/ACM International Symposium on Microarchitecture (2016)

    Google Scholar 

  19. Frassetto, T., Jauernig, P., Liebchen, C., Sadeghi, A.R.: IMIX: in-process memory isolation extension. In: 27th USENIX Security Symposium (USENIX Security 2018). USENIX Association, Baltimore (2018). https://www.usenix.org/conference/usenixsecurity18/presentation/frassetto

  20. Giuffrida, C., Kuijsten, A., Tanenbaum, A.S.: Enhanced operating system security through efficient and fine-grained address space randomization. In: USENIX Security Symposium, pp. 475–490 (2012)

    Google Scholar 

  21. Gras, B., Razavi, K., Bosman, E., Bos, H., Guiffrida, C.: ASLR on the line: practical cache attacks on the MMU. In: Network and Distributed System Security Symposium (2017). https://doi.org/10.14722/ndss.2017.23271

  22. Gruss, D., Maurice, C., Fogh, A., Lipp, M., Mangard, S.: Prefetch side-channel attacks: bypassing SMAP and kernel ASLR. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (2016)

    Google Scholar 

  23. Guan, L., Lin, J., Luo, B., Jing, J., Wang, J.: Protecting private keys against memory disclosure attacks using hardware transactional memory. In: IEEE Symposium on Security and Privacy (2015)

    Google Scholar 

  24. Guan, L., et al.: TrustShadow: secure execution of unmodified applications with ARM TrustZone. arXiv preprint arXiv:1704.05600 (2017)

  25. Hu, H., Shinde, S., Sendroiu, A., Chua, Z.L., Saxena, P., Liang, Z.: Data-oriented programming: on the expressiveness of non-control data attacks. In: IEEE Symposium on Security and Privacy (2016)

    Google Scholar 

  26. Ilyas, I.F., Beskales, G., Soliman, M.A.: A survey of top-k query processing techniques in relational database systems. ACM Comput. Surv. (CSUR) 40(4), 11 (2008)

    Article  Google Scholar 

  27. Kim, T., Peinado, M., Mainar-Ruiz, G.: STEALTHMEM: system-level protection against cache-based side channel attacks in the cloud. Presented as part of the 21st USENIX Security Symposium (USENIX Security 2012), pp. 189–204. USENIX, Bellevue (2012). https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/kim

  28. Koning, K., Chen, X., Bos, H., Giuffrida, C., Athanasopoulos, E.: No need to hide: protecting safe regions on commodity hardware. In: Proceedings of the Twelfth European Conference on Computer Systems (2017)

    Google Scholar 

  29. Kuvaiskii, D., et al.: SGXBOUNDS: memory safety for shielded execution. In: Proceedings of the Twelfth European Conference on Computer Systems (2017)

    Google Scholar 

  30. Kuznetsov, V., Szekeres, L., Payer, M., Candea, G., Sekar, R., Song, D.: Code-pointer integrity. In: 11th USENIX Symposium on Operating Systems Design and Implementation (2014)

    Google Scholar 

  31. Li, W., Xia, Y., Chen, H., Zang, B., Guan, H.: Reducing world switches in virtualized environment with flexible cross-world calls. In: ACM/IEEE 42nd Annual International Symposium on Computer Architecture (2015)

    Google Scholar 

  32. Liu, C., Harris, A., Maas, M., Hicks, M., Tiwari, M., Shi, E.: GhostRider: a hardware-software system for memory trace oblivious computation. ACM SIGARCH Comput. Archit. News 43(1), 87–101 (2015)

    Article  Google Scholar 

  33. Liu, F., et al.: CATalyst: defeating last-level cache side channel attacks in cloud computing. In: IEEE International Symposium on High Performance Computer Architecture (2016)

    Google Scholar 

  34. Nagarakatte, S., Martin, M.M., Zdancewic, S.: WatchdogLite: hardware-accelerated compiler-based pointer checking. In: Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization (2014)

    Google Scholar 

  35. Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: SoftBound: highly compatible and complete spatial memory safety for C. ACM SIGPLAN Not. 44(6), 245–258 (2009)

    Article  Google Scholar 

  36. Rane, A., Lin, C., Tiwari, M.: Raccoon: closing digital side-channels through obfuscated execution. In: USENIX Security Symposium (2015)

    Google Scholar 

  37. Rane, A., Lin, C., Tiwari, M.: Secure, precise, and fast floating-point operations on x86 processors. In: USENIX Security Symposium (2016)

    Google Scholar 

  38. Roessler, N., DeHon, A.: Protecting the stack with metadata policies and tagged hardware. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 1072–1089 (2018). https://doi.org/10.1109/SP.2018.00066

  39. Sehr, D., et al.: Adapting software fault isolation to contemporary CPU architectures. In: USENIX Security Symposium (2010)

    Google Scholar 

  40. Simpson, M.S., Barua, R.K.: MemSafe: ensuring the spatial and temporal memory safety of C at runtime. Softw.: Pract. Exp. 43(1), 93–128 (2013)

    Google Scholar 

  41. Song, C., et al.: HDFI: hardware-assisted data-flow isolation. In: IEEE Symposium on Security and Privacy (2016)

    Google Scholar 

  42. Vishwanathan, S.V.N., Schraudolph, N.N., Kondor, R., Borgwardt, K.M.: Graph kernels. J. Mach. Learn. Res. 11, 1201–1242 (2010)

    MathSciNet  MATH  Google Scholar 

  43. Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.L.: Efficient software-based fault isolation. In: ACM SIGOPS Operating Systems Review (1994)

    Google Scholar 

  44. Wang, Z., Lee, R.B.: New cache designs for thwarting software cache-based side channel attacks. In: Proceedings of the 34th Annual International Symposium on Computer Architecture, ISCA 2007, pp. 494–505. ACM, New York (2007). https://doi.org/10.1145/1250662.1250723

  45. Wilander, J., Nikiforakis, N., Younan, Y., Kamkar, M., Joosen, W.: RIPE: runtime intrusion prevention evaluator. In: Proceedings of the 27th Annual Computer Security Applications Conference (2011)

    Google Scholar 

  46. Yee, B., et al.: Native client: a sandbox for portable, untrusted x86 native code. In: 30th IEEE Symposium on Security and Privacy (2009)

    Google Scholar 

Download references

Acknowledgments

The authors would like to thank the anonymous reviewers, Mohit Tiwari, André DeHon, JMS, Volodymyr Kuznetsov, and George Candea, who all provided insightful feedback, improving the paper. We would like to thank our families—Filip, Andi, Bogdan, Andreea, Cornelia, Vasile, and AuNoLeZeZo—who gave us the freedom and flexibility to make this paper the best it could be. This research was funded in part by National Science Foundation grant CNS-1513687. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.

Author information

Authors and Affiliations

  1. University POLITEHNICA of Bucharest, Bucharest, Romania

    Lucian Mogosanu

  2. The University of Texas at Austin, Austin, USA

    Ashay Rane

  3. Rice University, Houston, USA

    Nathan Dautenhahn

Authors
  1. Lucian Mogosanu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ashay Rane
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nathan Dautenhahn
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lucian Mogosanu .

Editor information

Editors and Affiliations

  1. University of Illinois at Urbana-Champaign, Urbana, IL, USA

    Michael Bailey

  2. Ruhr-Universität Bochum, Bochum, Germany

    Thorsten Holz

  3. Vrije Universiteit Amsterdam, Amsterdam, The Netherlands

    Manolis Stamatogiannakis

  4. Foundation for Research & Technology – Hellas, Heraklion, Crete, Greece

    Sotiris Ioannidis

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mogosanu, L., Rane, A., Dautenhahn, N. (2018). MicroStache: A Lightweight Execution Context for In-Process Safe Region Isolation. In: Bailey, M., Holz, T., Stamatogiannakis, M., Ioannidis, S. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2018. Lecture Notes in Computer Science(), vol 11050. Springer, Cham. https://doi.org/10.1007/978-3-030-00470-5_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-00470-5_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00469-9

  • Online ISBN: 978-3-030-00470-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation