Indirect Branch Validation Unit

Authors:
Gyungho Lee;Yixin Shi;Hui Lin
Affiliations:
College of Information and Communications, Korea University, Seoul, Republic of Korea;ECE Department, University of Illinois at Chicago, 851 South Morgan St. Chicago, IL, USA;ECE Department, University of Illinois at Chicago, 851 South Morgan St. Chicago, IL, USA
Venue:
Microprocessors & Microsystems
Year:
2009

Citing 13
Cited 0

Target prediction for indirect jumps

Proceedings of the 24th annual international symposium on Computer architecture
Space/time trade-offs in hash coding with allowable errors

Communications of the ACM
Secure Execution via Program Shepherding

Proceedings of the 11th USENIX Security Symposium
Anomaly Detection Using Call Stack Information

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A Sense of Self for Unix Processes

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Gray-box extraction of execution graphs for anomaly detection

Proceedings of the 11th ACM conference on Computer and communications security
Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow

Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Minos: Control Data Attack Prevention Orthogonal to Memory Model

Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Anomalous path detection with hardware support

Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Control-flow integrity

Proceedings of the 12th ACM conference on Computer and communications security
Augmenting Branch Predictor to Secure Program Execution

DSN '07 Proceedings of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a micro-architectural enhancement, named Indirect Branch Validation Unit (IBVU), to prevent malicious attacks from compromising the control data of the program. The IBVU provides a run-time control flow protection by validating a dynamic instance of an indirect branch's address and its target address -indirect branch pair (IBP), which represents the program behavior. To validate an IBP at run-time with little performance and storage overhead, the IBVU employs a Bloom filter, a hashing based bit vector representation for querying a set membership. Two organizations trading off of the access delay and space in VLSI design are provided, and three commonly used hashing schemes are evaluated for the performance impact as well as the area overhead. Recognizing potential false positives from adopting the Bloom filter, consideration of reducing it per the Bloom filter's design parameters is discussed, while the difficulty of utilizing the false positives due to hashing based indexing of the Bloom filter for malicious attack is noted.