Adding run-time checking to the portable C compiler
Software—Practice & Experience
Numerical recipes in FORTRAN (2nd ed.): the art of scientific computing
Numerical recipes in FORTRAN (2nd ed.): the art of scientific computing
Efficient detection of all pointer and array access errors
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Remus: a security-enhanced operating system
ACM Transactions on Information and System Security (TISSEC)
Computers and Intractability; A Guide to the Theory of NP-Completeness
Computers and Intractability; A Guide to the Theory of NP-Completeness
A survey of processors with explicit multithreading
ACM Computing Surveys (CSUR)
Design Considerations in Boeing 777 Fly-By-Wire Computers
HASE '98 The 3rd IEEE International Symposium on High-Assurance Systems Engineering
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Type-Assisted Dynamic Buffer Overflow Detection
Proceedings of the 11th USENIX Security Symposium
Dynamic Self-Checking Techniques for Improved Tamper Resistance
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Modeling the Effect of Technology Trends on the Soft Error Rate of Combinational Logic
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Architectural Optimization for a 1.82Gbits/sec VLSI Implementation of the AES Rijndael Algorithm
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Defending Embedded Systems Against Buffer Overflow via Hardware/Software
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
The Performance of Runtime Data Cache Prefetching in a Dynamic Optimization System
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Efficient Memory Integrity Verification and Encryption for Secure Processors
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Design of Energy-Efficient Application-Specific Instruction Set Processors
Design of Energy-Efficient Application-Specific Instruction Set Processors
An Architectural Framework for Providing Reliability and Security Support
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Security in embedded systems: Design challenges
ACM Transactions on Embedded Computing Systems (TECS)
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Runtime Execution Monitoring (REM) to Detect and Prevent Malicious Code Execution
ICCD '04 Proceedings of the IEEE International Conference on Computer Design
Rapid Embedded Hardware/Software System Generation
VLSID '05 Proceedings of the 18th International Conference on VLSI Design held jointly with 4th International Conference on Embedded Systems Design
SWIFT: Software Implemented Fault Tolerance
Proceedings of the international symposium on Code generation and optimization
Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring
Proceedings of the conference on Design, Automation and Test in Europe - Volume 1
A Methodology for Designing Countermeasures against Current and Future Code Injection Attacks
IWIA '05 Proceedings of the Third IEEE International Workshop on Information Assurance
Micro embedded monitoring for security in application specific instruction-set processors
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Proceedings of the 12th ACM conference on Computer and communications security
e-NeXSh: Achieving an Effectively Non-Executable Stack and Heap via System-Call Policing
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Secure and practical defense against code-injection attacks using software dynamic translation
Proceedings of the 2nd international conference on Virtual execution environments
IMPRES: integrated monitoring for processor reliability and security
Proceedings of the 43rd annual Design Automation Conference
Extended Protection against Stack Smashing Attacks without Performance Loss
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
IEEE Software
Fail-safe ANSI-C compiler: an approach to making C programs secure
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Reli: hardware/software checkpoint and recovery scheme for embedded processors
DATE '12 Proceedings of the Conference on Design, Automation and Test in Europe
| Hi-index | 0.00 |
Program code in a computer system can be altered either by malicious security attacks or by various faults in microprocessors. At the instruction level, all code modifications are manifested as bit flips. In this paper, we present a generalized methodology for monitoring code integrity at run-time in application-specific instruction-set processors. We embed monitoring microoperations in machine instructions, so the processor is augmented with a hardware monitor automatically. The monitor observes the processor's execution trace at run-time, checks whether it aligns with the expected program behavior, and signals any mismatches. Since the monitor works at a level below the instructions, the monitoring mechanism cannot be bypassed by software or compromised by malicious users. We discuss the ability and limitation of such monitoring mechanism for detecting both soft errors and code injection attacks. We propose two different schemes for managing the monitor, the operating system (OS) managed and application controlled, and design the constituent components within the monitoring architecture. Experimental results show that with an effective hash function implementation, our microarchitectural support can detect program code integrity compromises at a high probability with small area overhead and little performance degradation.