Enabling trusted software integrity

Published: 01 October 2002

Abstract

Preventing execution of unauthorized software on a given computer plays a pivotal role in system security. The key problem is that although a program can be verified as authentic at the beginning of its execution, while it is running its execution flow can be redirected to externally injected malicious code using, for example, a buffer overflow exploit. Existing techniques address this problem by trying to detect the intrusion at run-time or by formally verifying that the software is not prone to a particular attack. We take a radically different approach to this problem. We aim at intrusion prevention as the core technology for enabling secure computing systems. Intrusion prevention systems force an adversary to solve a computationally hard task in order to create a binary that can be executed on a given machine. In this paper, we present an exemplary system, SPEF, a combination of architectural and compilation techniques that ensure software integrity at run-time. SPEF embeds encrypted, processor-specific constraints into each block of instructions at software installation time and then verifies their existence at run-time. Thus, the processor can execute only properly installed programs, which makes installation the only system gate that needs to be protected. We have designed a SPEF prototype based on the ARM instruction set and validated its impact on security and performance using the MediaBench suite of applications.
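To make the install-time/run-time split described above concrete, the following is an added simulation in Python. It is not code from the SPEF paper and does not reproduce SPEF's actual constraint-embedding scheme, which the abstract does not spell out; it stands in for the "encrypted, processor-specific constraint" with a keyed MAC (HMAC-SHA256) under a per-chip secret key that only the trusted installer and the processor know. The toy instruction mnemonics, block size, chip identifiers and keys are all constructed for the example. The executor refuses any block whose tag fails to verify, so a block modified after installation, a block moved to a different position, or a binary installed for a different chip is rejected before it runs.

```python
import hashlib
import hmac
from dataclasses import dataclass

BLOCK_SIZE = 4   # instructions per protected block (constructed choice)
TAG_LEN = 8      # bytes of MAC kept per block (constructed choice)


class IntegrityViolation(Exception):
    """Raised when a block's embedded constraint does not verify at run-time."""


@dataclass(frozen=True)
class Processor:
    """Toy CPU: a public chip id plus a secret key assumed to live on-chip.

    The key models the 'processor-specific' part of the constraint; it is
    shared only with the trusted installer, never with the program itself.
    """
    chip_id: bytes
    key: bytes

    def tag(self, block_index: int, block: list[bytes]) -> bytes:
        # Bind the tag to this chip, to the block's position, and to its
        # exact instruction bytes. Position binding rejects block reordering.
        msg = self.chip_id + block_index.to_bytes(4, "big") + b"\0".join(block)
        return hmac.new(self.key, msg, hashlib.sha256).digest()[:TAG_LEN]


def install(cpu: Processor, program: list[bytes]) -> list[tuple[list[bytes], bytes]]:
    """Installation (the only trusted gate): split the program into blocks and
    attach a processor-specific tag to each. The result is the installed binary."""
    blocks = [program[i:i + BLOCK_SIZE] for i in range(0, len(program), BLOCK_SIZE)]
    return [(blk, cpu.tag(i, blk)) for i, blk in enumerate(blocks)]


def execute(cpu: Processor, installed: list[tuple[list[bytes], bytes]]) -> list[str]:
    """Run-time check: re-derive each block's tag before executing it and
    refuse the whole run on the first mismatch. Returns the executed trace."""
    trace = []
    for i, (blk, tag) in enumerate(installed):
        if not hmac.compare_digest(tag, cpu.tag(i, blk)):
            raise IntegrityViolation(f"block {i} failed run-time verification")
        trace.extend(insn.decode() for insn in blk)   # 'executing' = logging
    return trace


def verifies(cpu: Processor, installed) -> bool:
    """Convenience wrapper: does the installed binary run to completion on cpu?"""
    try:
        execute(cpu, installed)
        return True
    except IntegrityViolation:
        return False


def tamper(installed, block_index: int, new_block: list[bytes]):
    """Model a post-installation change to one block (what injected code looks
    like to the processor) while the original tag is left in place."""
    patched = list(installed)
    _, tag = patched[block_index]
    patched[block_index] = (new_block, tag)
    return patched


# Constructed sample program in ARM-flavoured mnemonics (not a real encoding).
PROGRAM = [b"mov r0, #0", b"ldr r1, [r2]", b"add r0, r0, r1", b"cmp r0, #10",
           b"bne loop", b"bx lr"]

CPU_A = Processor(chip_id=b"chip-A", key=b"example-key-A")   # constructed
CPU_B = Processor(chip_id=b"chip-B", key=b"example-key-B")   # constructed


if __name__ == "__main__":
    binary = install(CPU_A, PROGRAM)
    print("installed for A, run on A:", verifies(CPU_A, binary))          # True
    print("installed for A, run on B:", verifies(CPU_B, binary))          # False
    print("block modified after install:",
          verifies(CPU_A, tamper(binary, 1, [b"b elsewhere", b"bx lr"])))  # False
    print("blocks reordered:", verifies(CPU_A, list(reversed(binary))))   # False
```

In this model the "computationally hard task" the abstract refers to corresponds to producing a valid tag without the chip's key; anyone who can only write to memory after installation (the buffer-overflow case in the abstract) cannot make the processor accept the bytes they wrote. The simulation checks a whole block before running it; a real design would have to decide at what granularity and pipeline stage the check happens, which is where the paper's performance evaluation on MediaBench comes in.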


Published In

ACM SIGOPS Operating Systems Review, Volume 36, Issue 5, December 2002, 296 pages. ISSN 0163-5980. DOI 10.1145/635508.

ASPLOS X: Proceedings of the 10th International Conference on Architectural Support for Programming Languages and Operating Systems, October 2002, 318 pages. ISBN 1581135742. DOI 10.1145/605397.

Publisher

Association for Computing Machinery, New York, NY, United States
