Article
DOI: 10.1145/1146269.1146295

Speculative virtual verification: policy-constrained speculative execution

Published: 20 September 2005

Abstract

A key problem facing current computing systems is the inability to autonomously manage security vulnerabilities as well as more mundane errors. Since the design of computer architectures is usually performance-driven, hardware often lacks primitives for tasks in which raw speed is not the primary goal. There is little architectural support for monitoring execution at the instruction level, and no mechanisms for assisting an automated response.

This paper advocates modifying general-purpose processors to provide both program supervision and automatic response via a policy-driven monitoring mechanism and instruction stream rewriting, respectively. These capabilities form the basis of speculative virtual verification (SVV). SVV is a model for the speculative execution of code based on high-level security and safety constraints. We introduce architectural enhancements to support this framework, including the ability to supply an automated response by rewriting the instruction stream. Finally, given the novelty of the SVV approach to executing software, we briefly consider some important challenges for SVV-based systems.


Published In

NSPW '05: Proceedings of the 2005 workshop on New security paradigms
September 2005, 133 pages
ISBN: 1595933174
DOI: 10.1145/1146269

Sponsor: ACSA: Applied Computing Security Assoc

Publisher: Association for Computing Machinery, New York, NY, United States


Author Tags: SVV, hardware security, micro-speculation, speculative execution


Acceptance Rates: Overall acceptance rate 98 of 265 submissions, 37%
