Hyungon Moon, Jinyong Lee, Dongil Hwang, Seonhwa Jung, Jiwon Seo, Y. Paek
{"title":"Architectural Supports to Protect OS Kernels from Code-Injection Attacks","authors":"Hyungon Moon, Jinyong Lee, Dongil Hwang, Seonhwa Jung, Jiwon Seo, Y. Paek","doi":"10.1145/2948618.2948623","DOIUrl":"https://doi.org/10.1145/2948618.2948623","url":null,"abstract":"The kernel code injection is a common behavior of kernel-compromising attacks where the attackers aim to gain their goals by manipulating an OS kernel. Several security mechanisms have been proposed to mitigate such threats, but they all suffer from non-negligible performance overhead. This paper introduces a hardware reference monitor, called Kargos, which can detect the kernel code injection attacks with nearly zero performance cost. Kargos monitors the behaviors of an OS kernel from outside the CPU through the standard bus interconnect and debug interface available with most major microprocessors. By watching the execution traces and memory access events in the monitored target system, Kargos uncovers attempts to execute malicious code with the kernel privilege. According to our experiments, Kargos detected all the kernel code injection attacks that we tested, yet just increasing the computational loads on the target CPU by less than 1% on average.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128453521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Implicit Sensor-based Authentication of Smartphone Users with Smartwatch","authors":"Wei-Han Lee, R. Lee","doi":"10.1145/2948618.2948627","DOIUrl":"https://doi.org/10.1145/2948618.2948627","url":null,"abstract":"Smartphones are now frequently used by end-users as the portals to cloud-based services, and smartphones are easily stolen or co-opted by an attacker. Beyond the initial login mechanism, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data, whether in the cloud or in the smartphone. But attackers who have gained access to a logged-in smartphone have no incentive to re-authenticate, so this must be done in an automatic, non-bypassable way. Hence, this paper proposes a novel authentication system, iAuth, for implicit, continuous authentication of the end-user based on his or her behavioral characteristics, by leveraging the sensors already ubiquitously built into smartphones. We design a system that gives accurate authentication using machine learning and sensor data from multiple mobile devices. Our system can achieve 92.1% authentication accuracy with negligible system overhead and less than 2% battery consumption.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"82 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134161166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Can Data-Only Exploits be Detected at Runtime Using Hardware Events?: A Case Study of the Heartbleed Vulnerability","authors":"G. Torres, Chen Liu","doi":"10.1145/2948618.2948620","DOIUrl":"https://doi.org/10.1145/2948618.2948620","url":null,"abstract":"In this study, we investigate the feasibility of using an anomaly-based detection scheme that utilizes information collected from hardware performance counters at runtime to detect data-oriented attacks in user space libraries. Using the Heartbleed vulnerability as a test case, we studied twelve different hardware events and used a Support Vector Machine (SVM) model to classify between regular and abnormal behaviors. Our results demonstrated a detection accuracy over 92% for the two-class SVM model and over 70% for the one-class SVM model. We also studied the limitations of using certain types of hardware events and discussed possible implications of their use in detection schemes. Overall, the experiments conducted suggest that data-oriented attacks can be more difficult to detect than control-data exploits, as certain events are susceptible to interference hence less reliable.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125327799","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sarani Bhattacharya, C. Rebeiro, Debdeep Mukhopadhyay
{"title":"A Formal Security Analysis of Even-Odd Sequential Prefetching in Profiled Cache-Timing Attacks","authors":"Sarani Bhattacharya, C. Rebeiro, Debdeep Mukhopadhyay","doi":"10.1145/2948618.2948624","DOIUrl":"https://doi.org/10.1145/2948618.2948624","url":null,"abstract":"Hardware cache prefetching has a profound impact on the memory access pattern of ciphers which are exploited in profiled cache-timing attacks. In this paper, we formally demonstrate that memory access patterns influenced by sequential prefetching and its variant, known as the even-odd prefetcher, have varying information leakage dependent on the alignment of the underlying tables used in the cipher implementation. This demonstrates that a suitable architecture choice for the hardware prefetcher combined with appropriate memory alignment in software can lead to prefetching architectures which are leakage resilient.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128902357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Matthew Hoekstra, Reshma Lal, Pradeep Pappachan, Vinay Phegade, J. Cuvillo
{"title":"Using innovative instructions to create trustworthy software solutions","authors":"Matthew Hoekstra, Reshma Lal, Pradeep Pappachan, Vinay Phegade, J. Cuvillo","doi":"10.1145/2487726.2488370","DOIUrl":"https://doi.org/10.1145/2487726.2488370","url":null,"abstract":"Software developers face a number of challenges when creating applications that attempt to keep important data confidential. Even with diligent attention paid to correct software design and implementation practices, secrets can still be exposed through a single flaw in any of the privileged code on the platform, code which may have been written by thousands of developers from hundreds of organizations throughout the world. Intel is developing innovative security technology which provides the ability for software developers to maintain control of the security of sensitive code and data by creating trusted domains within applications to protect critical information during execution and at rest. This paper will describe how this technology has been effectively used in lab exercises to protect private information in applications including enterprise rights management, video chat, trusted financial transactions, and others. Examples will include both protection of local processing and the establishment of secure communication with cloud services. It will illustrate useful software design patterns that can be followed to create many additional types of trusted software solutions.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"49 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134427443","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Side-channel indistinguishability","authors":"C. Carlet, S. Guilley","doi":"10.1145/2487726.2487735","DOIUrl":"https://doi.org/10.1145/2487726.2487735","url":null,"abstract":"We introduce a masking strategy for hardware that prevents any side-channel attacker from recovering uniquely the secret key of a cryptographic device. In this masking scheme, termed homomorphic, the sensitive data is exclusive-ored with a random value that belongs to a given set. We show that if this masking set is concealed, then no information about the cryptographic key leaks. If the masking set is public (or disclosed), then any (high-order) attack reveals a group of equiprobable keys. Those results are applied to the case of the AES, where sensitive variables are bytes. To any mask corresponds a masked substitution box. We prove that there exists a homomorphic masking with 16 masks (hence a number of substitution boxes equal to that of the same algorithm without masking) that resists mono-variate first-, second-, and third-order side-channel attacks. Furthermore, even if the masking set is public, each byte of the correct key is found only ex æquo with 15 incorrect ones, making the side-channel analysis insufficient alone -- the remaining key space shall be explored by other means (typically exhaustive search). Thus, our homomorphic masking strategy allows both to increase the number of side-channel measurements and to demand for a final non negligible brute-forcing (of complexity 16^NB = 2^64 for AES, that has NB = 16 substitution boxes). The hardware implementation of the Rotating Substitution boxes Masking (RSM) is a practical instantiation of our homomorphic masking countermeasure.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129302849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Practical template-algebraic side channel attacks with extremely low data complexity","authors":"Yossef Oren, Ofir Weisse, A. Wool","doi":"10.1145/2487726.2487733","DOIUrl":"https://doi.org/10.1145/2487726.2487733","url":null,"abstract":"Template-based Tolerant Algebraic Side Channel Attacks (Template-TASCA) were suggested in [20] as a way of reducing the high data complexity of template attacks by coupling them with algebraic side-channel attacks. In contrast to the maximum-likelihood method used in a standard template attack, the template-algebraic attack method uses a constraint solver to find the optimal state correlated to the measured side-channel leakage. In this work we present the first application of the template-algebraic key recovery attack to a publicly available data set (IAIK WS2). We show how our attack can successfully recover the encryption key even when the attacker has extremely limited access to the device under test -- only 200 traces in the offline phase and as little as a single trace in the online phase.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"90U 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114718630","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Muehlberghuber, Frank K. Gürkaynak, Thomas Korak, Philipp Dunst, M. Hutter
{"title":"Red team vs. blue team hardware trojan analysis: detection of a hardware trojan on an actual ASIC","authors":"M. Muehlberghuber, Frank K. Gürkaynak, Thomas Korak, Philipp Dunst, M. Hutter","doi":"10.1145/2487726.2487727","DOIUrl":"https://doi.org/10.1145/2487726.2487727","url":null,"abstract":"We infiltrate the ASIC development chain by inserting a small denial-of-service (DoS) hardware Trojan at the fabrication design phase into an existing VLSI circuit, thereby simulating an adversary at a semiconductor foundry. Both the genuine and the altered ASICs have been fabricated using a 180 nm CMOS process. The Trojan circuit adds an overhead of only 0.5% to the original design. In order to detect the hardware Trojan, we perform side-channel analyses and apply IC-fingerprinting techniques using templates, principal component analysis (PCA), and support vector machines (SVMs). As a result, we were able to successfully identify and classify all infected ASICs from non-infected ones. To the best of our knowledge, this is the first hardware Trojan manufactured as an ASIC and has successfully been analyzed using side channels.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121616195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Micro-architectural support for metadata coherence in multi-core dynamic information flow tracking","authors":"Juan Carlos Martínez Santos, Yunsi Fei","doi":"10.1145/2487726.2487732","DOIUrl":"https://doi.org/10.1145/2487726.2487732","url":null,"abstract":"Dynamic information flow tracking (DIFT) has shown to be an effective security measure for detecting both memory corruption attacks and semantic attacks at run-time on a wide range of systems from embedded systems and mobile devices to cloud computing. When applying DIFT to multi-thread applications running on multi-core architectures, the data processing and metadata processing are normally decoupled, i.e., being performed in different places at different times. Therefore, if the metadata access is not in the same order as data access, inconsistency issues may arise, which would reduce the security effectiveness of DIFT. Avoiding such inconsistency between data access and metadata access, i.e., maintaining metadata coherence, has become a challenging issue. In this paper, we propose METACE (METAdata Coherence Enforcement). METACE includes architectural enhancement in the memory management unit and leverages the existing cache coherence hardware and protocol to enforce metadata coherence. It introduces minimum changes to cores, coprocessors, and the memory hierarchy. It covers the complete set of data dependencies without deadlocks and is compatible with different memory consistency models. Our approach does not require modification of the source code. METACE supports out-of-order metadata access resulting in less performance degradation than previous approaches.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133362904","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure memories resistant to both random errors and fault injection attacks using nonlinear error correction codes","authors":"Shizun Ge, Zhen Wang, Pei Luo, M. Karpovsky","doi":"10.1145/2487726.2487731","DOIUrl":"https://doi.org/10.1145/2487726.2487731","url":null,"abstract":"Memories used in cryptographic devices are vulnerable to fault injection attacks. To mitigate the danger of these attacks, error control codes are often used in memories to detect maliciously injected faults. Most of the codes proposed for memories in cryptographic devices are error detecting codes with small Hamming distances that cannot be used for error correction. While being able to provide sufficient protection against fault injection attacks, these codes cannot provide a satisfactory reliability under the presence of random errors. In this paper we present reliable and secure memory architectures based on two nonlinear error correcting codes. The presented coding technique can be used for detection of fault injection attacks as well as for correction of random errors. The construction and the error correction procedures for the code will be described. The error handling methodology used to distinguish between random errors and maliciously injected faults will be discussed.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128160611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}