The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches
Chuqi Zhang, Jun Zeng, Yiming Zhang, Adil Ahmad, Fengwei Zhang, Hai Jin, Zhenkai Liang
arXiv - CS - Operating Systems, published 2024-09-06 (arXiv:2409.04484)
Citation count: 0
Abstract
Protecting system observability records (logs) from compromised OSs has gained significant traction in recent times, with several noteworthy approaches proposed. Unfortunately, none of the proposed approaches achieves high performance together with tiny log protection delays. They also rely on risky environments for protection (e.g., many use general-purpose hypervisors or TrustZone, which have large TCBs and attack surfaces). HitchHiker is an attempt to rectify this problem. The system is designed to ensure (a) in-memory protection of batched logs within a short and configurable real-time deadline by efficient hardware permission switching, and (b) an end-to-end high-assurance environment built upon hardware protection primitives with debloating strategies for secure log protection, persistence, and management. Security evaluations and validations show that HitchHiker reduces log protection delay by 93.3% to 99.3% compared to the state of the art, while reducing the TCB by 9.4x to 26.9x. Performance evaluations show that HitchHiker incurs a geometric mean overhead of less than 6% on diverse real-world programs, improving on the state-of-the-art approach by 61.9% to 77.5%.