Enabling Trusted Software Integrity - PowerPoint PPT Presentation

1 / 21
About This Presentation
Title:

Enabling Trusted Software Integrity

Description:

setuid() Chen, Wagner, Dean, 2002. What Can Be Done? StackGuard ... Static analysis Wagner, 2000. Verify all buffers promising idea. Too many false alarms ... – PowerPoint PPT presentation

Number of Views:11
Avg rating:3.0/5.0
Slides: 22
Provided by: darkoki
Category:

less

Transcript and Presenter's Notes

Title: Enabling Trusted Software Integrity


1
Enabling Trusted Software Integrity
  • Darko Kirovski
  • Microsoft Research
  • Milenko Drinic
  • Miodrag Potkonjak
  • Computer Science Department
  • University of California, Los Angeles

2
Problem Description
3
Buffer Overrun
  • Goal
  • Explore improperly implemented I/O
  • Divert execution to attack code
  • Simplest variant Stack smashing
  • Smashing The Stack For Fun And Profit by Aleph
    One (aleph1_at_underground.org), Phrack 49, 1996.
  • Numerous variants explore different
    vulnerabilities
  • Tutorials on the Web with bug descriptions
  • setuid() Chen, Wagner, Dean, 2002.

4
What Can Be Done?
  • StackGuard Cowan et al., 1998
  • Dummy value next to return address
  • Bounds checking for all pointers Jones, Kelly,
    1995
  • Slow in pointer-intensive software
  • Static analysis Wagner, 2000
  • Verify all buffers promising idea
  • Too many false alarms
  • Need to be resolved manually

5
Intrusion Prevention
  • Current approaches
  • Intrusion detection
  • PREVENT rather than DETECT is easier
  • Intrusion prevention system
  • Adversary must solve a computationally difficult
    task to run programs in high priority
  • Two types of binaries
  • Ordinary
  • Touched with a security wand
  • Run-time verification

6
Outline
  • How the system works?
  • Software installation
  • Example of constraint embedding
  • Run-time verification
  • How to break the system?
  • Effect on performance

7
Outline
  • How the system works?
  • Software installation
  • Example of constraint embedding
  • Run-time verification
  • How to break the system?
  • Effect on performance

8
(No Transcript)
9
Outline
  • How the system works?
  • Software installation
  • Example of constraint embedding
  • Run-time verification
  • How to break the system?
  • Effect on performance

10
Software Installation
  • Installer is on-chip or on an EPROM with verified
    contents
  • Single process
  • I/O memory mapped
  • Interrupts disabled
  • Used registers, memory overwritten
  • BOOT on PCs

GOAL embed constraintsw/o revealing CPUID.
11
Outline
  • How the system works?
  • Software installation
  • Example of constraint embedding
  • Run-time verification
  • How to break the system?
  • Effect on performance

12
Example Instruction Scheduling
13
How the Bitstream Reorders Ops?
14
Constraint Embedding Techniques
  • Entropy of program representation is high
  • Reduce entropy w/ constraints for 50 bits with
    preserved performance
  • Exact entropy reduction unique for each CPUID
  • Constraint types
  • Examples
  • Instruction rescheduling
  • Register assignment
  • Basic block reordering
  • Conditional branch selection
  • Filling unused opcode fields
  • Toggling signs of operands
  • Requirements
  • High entropy
  • Functional transparency
  • Transformation invariance
  • Effective implementation
  • Low performance overhead

15
Outline
  • How the system works?
  • Software installation
  • Example of constraint embedding
  • Run-time verification
  • How to break the system?
  • Effect on performance

16
Run-time Code Verification
  • ARM instruction set and simulated system
  • 50 cycles
  • 20K gates
  • HW support?

Cache line
17
Outline
  • How the system works?
  • Software installation
  • Example of constraint embedding
  • Run-time verification
  • How to break the system?
  • Effect on performance

18
How to Break the System?
  • Cryptographically secure keyed MAC
  • Hard to extract CPUID from working-copies
  • Hard to create an I-block with CPUID constraints
    satisfied w/o the CPUID
  • Patch low entropy instruction blocks
  • I-block with low entropy? Example
  • I-block one instruction and all other NOPS
  • Hardware must detect I-blocks with low entropy
  • Count and limit domain cardinality
  • Done during domain ordering
  • Patch I-blocks from working copies
  • Difficult? Hard to evaluate w/o a lot of software

19
Outline
  • How the system works?
  • Software installation
  • Example of constraint embedding
  • Run-time verification
  • How to break the system?
  • Effect on performance

20
Performance
  • Simulated w/ ARMulator
  • ARM instruction set
  • MediaBench suite
  • Embedded bits of entropy
  • Performance effect
  • 13-25 overhead
  • 7-17 with a cache that logs TI-hashes

21
Summary
  • Intrusion prevention
  • On-line software verification for authenticity
  • Keyed message authentication code
  • Stored as footer
  • Stored as constraints
  • 50 decrease in code size overhead
  • Public and trusted execution mode
  • Relatively hi/lo performance overhead
  • No hardware acceleration
  • 20 - sets back Moores Law 4.5 months ?
Write a Comment
User Comments (0)
About PowerShow.com