Enabling Trusted Software Integrity
SNU EE, Shin Jin Woo
2005. 11. 28.
Java Virtual Machine (slide 2)
Table of Contents
1. Motivation
2. What is SPEF?
3. Preliminaries
4. Installation Mode
5. Flowchart of SPEF system
6. Implementation of SPEF
7. Experimental Results
8. Future Works
1. Motivation
Security Attacks
• Installation of untrusted software
• Redirection of execution flow to malicious code, e.g. buffer overflow (stack smashing)
1. Motivation
Existing Techniques
• Intrusion Detection
- Scan system resources
- Detect the activity of intrusive agents
• Formal Verification
- A set of formally defined methods
- Static analysis of the code to ensure security
A New Approach
• Intrusion Prevention
2. What is SPEF?
SPEF (Secure Program Execution Framework)
• What is it?
- A demonstration of an intrusion prevention system
- A framework of architectural and compilation mechanisms
• What does it do?
- Installs a S/W binary by encoding a set of constraints into it
- Forces an adversary to solve an intractable task to get code executed
• Is the system secure now?
- The only remaining route is for a trusted user to install intrusive S/W themselves
- That is the best we can hope for!
2. What is SPEF?
SPEF (Secure Program Execution Framework)
• How do we encode constraints into the binary?
- Store a secret key inside the processor H/W
- Only the S/W installer can access the key
- Use the key to set up the constraints
- Embed the constraints into the binary
- Verify the binary at run time
→ We need a special installation mode
3. Preliminaries
Processor-Unique Identifier
• R/O register holding a unique secret key for each CPU
Software Delivery
• Compiled binary = master copy
• Installation process: master copy + CPU ID → augmented binary
• Augmented binary = working copy
• Store and execute only in working copy form
4. Installation Mode
Installation Mode
• Only let the installer access the CPU ID
- Never write to the CPU ID or disclose the ID off chip
- Before completion, overwrite on-chip memory so no key material remains
• Disable context switching
- Disable all H/W & S/W interrupts
- Secure atomic installation without interrupts
• Store and call the installer in a BIOS-like fashion
5. Flowchart of SPEF system
Components and Procedures
• I-block (Instruction Block)
- Most of the time, I-block = basic block
- If a basic block is too large, split it into several I-blocks
5. Flowchart of SPEF system
Constraint Encoding
• Domain ordering
- Assign a unique identifier to each component
- Must be invariant under transformation, e.g. sort the instructions while preserving dependencies
• Transformation-Invariant Hash (TI-hash)
- A sequence of bits used to generate the constraints
- Must be invariant under transformation, e.g. derived from control-flow graphs, instruction types, constant values
• Constraint Embedding
- Constraints are embedded into the I-block using the bit stream, e.g. by modifying the order of the instructions in the I-block
5. Flowchart of SPEF system
Program Execution
• Verification Process
- Consists of the same three steps (domain ordering, TI-hash, constraint computation)
- Instead of embedding, check whether the I-block matches the computed constraints
- If it matches completely, execute the I-block
- Otherwise, send an abort signal to the OS to terminate the process
6. Implementation of SPEF
Implementation Specification
• Use the ARM instruction set
- Simple RISC-type
- Availability of tools that support additional logic
• Use of Intel's x86
- Sophisticated superscalar pipelined ALUs
- Variable-length instructions
- Test the results using MediaBench (MPEG, JPEG, ...)
This work was presented in a paper published in 2004.
6. Implementation of SPEF
Requirements for Constraint Types
• High degree of freedom
- Need a large number of distinct representations of an I-block
• Functional transparency
- The transformation must not alter the program's functionality
• Transformation invariance
- The constraint encoding must be the same before and after the transformation
• Effective implementation
- The constraint verifier must be fast and require few gates
• Low performance overhead
- Verification should add minimal run-time overhead
6. Implementation of SPEF
Instruction Reordering
• Reorder the instructions within an I-block
- A technique from optimizing compilation
• Degree of Freedom (DOF)
- The number of ways the I-block can be transformed such that the functionality of the I-block is preserved
• Domain Ordering
- Sort the instructions while preserving dependencies
• Compute Random Bitstring
- Using the TI-hash and an encryption method
• Constraint Embedding
- Select the instruction order from the bitstring
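The steps on the encoding, verification and instruction-reordering slides (a key held in the processor, a transformation-invariant hash, a key-derived bitstring, reordering as the embedded constraint, a run-time match check, and the degree of freedom an adversary has to guess against), carried through as an added Python model. This is not code from the presentation or from the SPEF paper: the six-instruction I-block, its register dependencies and the 32-byte CPU_KEY are constructed, HMAC-SHA256 stands in for the slides' unspecified "TI-hash and encryption method", and brute-force enumeration of valid orders stands in for a real scheduler.

```python
"""Toy model of SPEF constraint embedding by instruction reordering.

Added example; not code from the presentation or the SPEF paper.
Assumptions: pseudo-ARM instruction tuples with unique text, a constructed
32-byte on-chip key, HMAC-SHA256 as the 'TI-hash + encryption' step, and
brute-force enumeration of valid orderings (fine for a 6-instruction block).
"""
import hashlib
import hmac
import itertools

# Constructed I-block: (text, destination register or None, source registers, memory op).
MASTER_IBLOCK = [
    ("ldr r0, [r4]",   "r0", {"r4"},       "load"),
    ("ldr r1, [r5]",   "r1", {"r5"},       "load"),
    ("add r2, r0, r1", "r2", {"r0", "r1"}, None),
    ("mov r3, #8",     "r3", set(),        None),
    ("mul r2, r2, r3", "r2", {"r2", "r3"}, None),
    ("str r2, [r6]",   None, {"r2", "r6"}, "store"),
]

# Hypothetical processor-unique secret (the read-only CPU ID register); constructed value.
CPU_KEY = bytes(range(32))


def depends(earlier, later):
    """True if `later` must stay after `earlier`: RAW, WAR, WAW, or memory ordering."""
    _, d1, s1, m1 = earlier
    _, d2, s2, m2 = later
    if d1 is not None and d1 in s2:           # read-after-write
        return True
    if d2 is not None and d2 in s1:           # write-after-read
        return True
    if d1 is not None and d1 == d2:           # write-after-write
        return True
    if m1 and m2 and "store" in (m1, m2):     # conservative: stores stay ordered against any memory op
        return True
    return False


def dependency_edges(block):
    """Ordered pairs of instruction texts (a, b) where a must precede b.
    `depends` is symmetric, so this set is identical for every
    functionally equivalent ordering of the same block."""
    return {(a[0], b[0]) for i, a in enumerate(block) for b in block[i + 1:] if depends(a, b)}


def valid_orderings(block):
    """Every functionally equivalent order of the block, in a canonical (sorted) list.
    The length of this list is the block's degree of freedom (DOF)."""
    edges = dependency_edges(block)
    found = []
    for perm in itertools.permutations(block):
        pos = {ins[0]: i for i, ins in enumerate(perm)}
        if all(pos[a] < pos[b] for a, b in edges):
            found.append(perm)
    found.sort(key=lambda p: [ins[0] for ins in p])   # domain ordering: order-invariant canonical list
    return found


def degree_of_freedom(block):
    return len(valid_orderings(block))


def ti_hash(block):
    """Transformation-invariant hash over the instruction multiset and dependency edges."""
    h = hashlib.sha256()
    for text in sorted(ins[0] for ins in block):
        h.update(text.encode() + b"\n")
    for a, b in sorted(dependency_edges(block)):
        h.update(f"{a}->{b}\n".encode())
    return h.digest()


def expected_ordering(block, key):
    """Key-derived bitstring from the TI-hash selects one of the DOF orderings."""
    orderings = valid_orderings(block)
    bits = hmac.new(key, ti_hash(block), hashlib.sha256).digest()
    return orderings[int.from_bytes(bits, "big") % len(orderings)]


def install(master_block, key):
    """Installation mode: produce the working copy with the constraint embedded."""
    return list(expected_ordering(master_block, key))


def verify(working_block, key):
    """Run-time check: execute only if the block's order equals the key-derived order."""
    return tuple(working_block) == expected_ordering(working_block, key)


def guess_success_rate(block, key):
    """Fraction of functionally equivalent orderings the verifier accepts (exactly 1 / DOF):
    an adversary without the key who injects or rewrites a block passes only by luck."""
    orderings = valid_orderings(block)
    return sum(verify(list(o), key) for o in orderings) / len(orderings)


if __name__ == "__main__":
    working = install(MASTER_IBLOCK, CPU_KEY)
    print("DOF =", degree_of_freedom(MASTER_IBLOCK))
    print("installed order:", [ins[0] for ins in working])
    print("verifies:", verify(working, CPU_KEY))
    print("blind-guess success rate:", guess_success_rate(MASTER_IBLOCK, CPU_KEY))
```

The sample block has eight valid orderings (the store must come last, the multiply fifth, and the add must follow both loads), so a blind guess passes one time in eight; the slides' point is that combining constraint types and larger blocks drives that DOF up until guessing is intractable. The model also shows why the TI-hash must ignore order: `ti_hash` and `valid_orderings` give the same result for the master copy and the working copy, which is what lets the verifier recompute the expected order without the master copy.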
6. Implementation of SPEF
Instruction Reordering
6. Implementation of SPEF
More Constraint Types
• Basic Block Reordering
• Permuted Register Assignment
• Conditional Branch Selection
• Filling Unused Instruction Fields
• Toggling the Signs of Immediate Operands
Combining these constraint types can greatly increase the DOF
7. Experimental Results
DOF of Instruction Scheduling
[Chart: Cumulative DOF]
7. Experimental Results
DOF of Instruction Scheduling
[Chart: Effective CPI]
8. Future Works
A H/W-S/W Platform for Intrusion Prevention