
RollSec: Automatically Secure Software States Against General Rollback

International Journal of Parallel Programming

Abstract

The rollback mechanism is critical in crash recovery and debugging, but its security problems have not been adequately addressed. This is evidenced by the fact that existing solutions always require modifications to the target software or only work for specific scenarios. As a consequence, rollback is either neglected, restricted, or prohibited in existing systems. In this paper, we systematically characterize the security threats of rollback as abnormal states of non-deterministic variables and resumed program points caused by rollback. Based on this, we propose RollSec (for Rollback Security), which provides general measures, including state extracting, recording, and compensating, to maintain the correctness of these abnormal states and thereby eliminate rollback threats. RollSec can automatically extract these states as protection targets based on language-independent information about the software; the states are monitored at run time and compensated to correct states on each rollback, without requiring extra modifications or support from specific architectures. Finally, we implement a prototype of RollSec to verify its effectiveness and conduct performance evaluations, which demonstrate that only acceptable overhead is introduced.

Acknowledgements

This work is supported by National Natural Science Foundation of China under Grant No. 61602200, National High-tech R&D Program of China (863 Program) under Grant No. 2015AA016001, and the Fundamental Research Funds for the Central Universities under Grant No. HUST2016YXMS087.

Author information

Corresponding author

Correspondence to Weizhong Qiang.

Cite this article

Dai, W., Du, Y., Jin, H. et al. RollSec: Automatically Secure Software States Against General Rollback. Int J Parallel Prog 46, 788–805 (2018). https://doi.org/10.1007/s10766-017-0523-0

  • DOI: https://doi.org/10.1007/s10766-017-0523-0
