{"title":"代码完整性验证使用缓存内存监控","authors":"R. Shrivastava, Varun Natu, C. Hota","doi":"10.1080/19393555.2021.1902592","DOIUrl":null,"url":null,"abstract":"ABSTRACT This paper addresses the challenges of building a secure software system to prevent Man-at-the-End attacks. Ensuring the security of systems is challenging due to unfavorable constraints faced by the end-point host system. Constraints such as hostile environments leave the host system at the peril of would-be attackers. In this paper, we verify program integrity through L3 cache by monitoring the security-sensitive code points and verify them in memory. This paper uses a cache-based monitoring program to verify code integrity. In particular, we show that side-channel information can be used to encode the invariant of the program execution state. These invariants can be periodically and externally monitored as a proxy for application integrity. This monitoring system uses a sliding window scheme that can detect the violation of these invariant with high reliability. The proposed solution is transparent to the attacker and utilizes a side-channel technique (Flush + Reload) along with a sliding window scheme to monitor security-sensitive code and detect MATE attacks to prevent malicious manipulation of software.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"35 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Code integrity verification using cache memory monitoring\",\"authors\":\"R. Shrivastava, Varun Natu, C. Hota\",\"doi\":\"10.1080/19393555.2021.1902592\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT This paper addresses the challenges of building a secure software system to prevent Man-at-the-End attacks. Ensuring the security of systems is challenging due to unfavorable constraints faced by the end-point host system. Constraints such as hostile environments leave the host system at the peril of would-be attackers. In this paper, we verify program integrity through L3 cache by monitoring the security-sensitive code points and verify them in memory. This paper uses a cache-based monitoring program to verify code integrity. In particular, we show that side-channel information can be used to encode the invariant of the program execution state. These invariants can be periodically and externally monitored as a proxy for application integrity. This monitoring system uses a sliding window scheme that can detect the violation of these invariant with high reliability. The proposed solution is transparent to the attacker and utilizes a side-channel technique (Flush + Reload) along with a sliding window scheme to monitor security-sensitive code and detect MATE attacks to prevent malicious manipulation of software.\",\"PeriodicalId\":103842,\"journal\":{\"name\":\"Information Security Journal: A Global Perspective\",\"volume\":\"35 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-03-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information Security Journal: A Global Perspective\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/19393555.2021.1902592\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Security Journal: A Global Perspective","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/19393555.2021.1902592","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Code integrity verification using cache memory monitoring
ABSTRACT This paper addresses the challenges of building a secure software system to prevent Man-at-the-End attacks. Ensuring the security of systems is challenging due to unfavorable constraints faced by the end-point host system. Constraints such as hostile environments leave the host system at the peril of would-be attackers. In this paper, we verify program integrity through L3 cache by monitoring the security-sensitive code points and verify them in memory. This paper uses a cache-based monitoring program to verify code integrity. In particular, we show that side-channel information can be used to encode the invariant of the program execution state. These invariants can be periodically and externally monitored as a proxy for application integrity. This monitoring system uses a sliding window scheme that can detect the violation of these invariant with high reliability. The proposed solution is transparent to the attacker and utilizes a side-channel technique (Flush + Reload) along with a sliding window scheme to monitor security-sensitive code and detect MATE attacks to prevent malicious manipulation of software.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
