ABSTRACT
This paper proposes an efficient hardware/software system that significantly enhances software security through diversified replication on multi-cores. Recent studies show that a large class of software attacks can be detected by running multiple versions of a program simultaneously and checking the consistency of their behaviors. However, executing multiple replicas incurs significant overheads on today's computing platforms, especially with the fine-grained comparisons necessary for high security. Orthrus exploits similarities in automatically generated replicas to enable simultaneous execution of those replicas with minimal overheads: the architecture reduces memory and bandwidth overheads by compressing multiple memory spaces together, and reduces additional power consumption and silicon area by eliminating redundant computations. Utilizing the hardware architecture, Orthrus implements a fine-grained memory layout diversification with the LLVM compiler and can detect corruptions in both pointers and critical data. Experiments indicate that the Orthrus architecture incurs minimal overheads and provides protection against a broad range of attacks.
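A toy model of the detection principle described above, added here as an illustration and not code from the Orthrus paper or its LLVM implementation: two replicas of one program run with different variable layouts, and a lockstep monitor compares the pointer and critical data after each step; the variable names, sizes, layouts and values are constructed for the example.

```python
# Added illustrative model (not Orthrus's hardware): replicas of one program
# run with different memory layouts; a monitor compares critical variables
# after each step, so a corruption whose effect depends on the layout shows
# up as a disagreement between replicas.
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Replica:
    name: str
    layout: List[str]            # variable order in this replica's memory
    sizes: Dict[str, int]
    mem: bytearray = field(init=False)
    base: Dict[str, int] = field(init=False)

    def __post_init__(self) -> None:
        self.base, off = {}, 0
        for var in self.layout:
            self.base[var] = off
            off += self.sizes[var]
        self.mem = bytearray(off)

    def write(self, var: str, data: bytes) -> None:
        """Unchecked copy (the bug under study): bytes beyond the variable's
        size spill into whatever this layout placed after it; bytes past the
        end of the modelled memory are dropped."""
        start = self.base[var]
        end = min(start + len(data), len(self.mem))
        self.mem[start:end] = data[:end - start]

    def read(self, var: str) -> bytes:
        start = self.base[var]
        return bytes(self.mem[start:start + self.sizes[var]])


CRITICAL = ("fptr", "count")     # pointer and critical data the monitor checks


def run_replicas(inp: bytes) -> bool:
    """Run one program step on two diversified replicas; True = divergence."""
    sizes = {"buf": 8, "fptr": 4, "count": 4}
    reps = [Replica("A", ["buf", "fptr", "count"], sizes),
            Replica("B", ["fptr", "count", "buf"], sizes)]
    for r in reps:                            # identical initial state
        r.write("fptr", b"\x00\x10\x40\x00")  # constructed pointer value
        r.write("count", b"\x05\x00\x00\x00")
        r.write("buf", inp)                   # the step with the unchecked copy
    # Lockstep check: every critical variable must agree across replicas.
    return any(len({r.read(v) for r in reps}) > 1 for v in CRITICAL)
```

With an in-bounds input both replicas agree; with an input longer than `buf`, replica A's `fptr` is overwritten while replica B's is not, and the check reports a divergence.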
Orthrus: efficient software integrity protection on multi-cores. ASPLOS '10.