Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Capability-Based Computer Systems
Capability-Based Computer Systems
Mimicry attacks on host-based intrusion detection systems
Proceedings of the 9th ACM conference on Computer and communications security
Enabling trusted software integrity
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Supporting ada memory management in the iAPX-432
ASPLOS I Proceedings of the first international symposium on Architectural support for programming languages and operating systems
Computer Architecture: A Quantitative Approach
Computer Architecture: A Quantitative Approach
Understanding the Linux Kernel, Second Edition
Understanding the Linux Kernel, Second Edition
LOMAC: Low Water-Mark Integrity Protection for COTS Environments
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
Fast Secure Processor for Inhibiting Software Piracy and Tampering
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Architectural support for copy and tamper-resistant software
Architectural support for copy and tamper-resistant software
Techniques to Reduce the Soft Error Rate of a High-Performance Microprocessor
Proceedings of the 31st annual international symposium on Computer architecture
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Minos: Control Data Attack Prevention Orthogonal to Memory Model
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
A Hardware-Software Platform for Intrusion Prevention
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Efficient Intrusion Detection using Automaton Inlining
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits
Proceedings of the 12th ACM conference on Computer and communications security
Proceedings of the 12th ACM conference on Computer and communications security
Practical taint-based protection using demand emulation
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Understanding data lifetime via whole system simulation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Where's the FEEB? the effectiveness of instruction set randomization
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Shredding your garbage: reducing data lifetime through secure deallocation
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Intrusion detection using sequences of system calls
Journal of Computer Security
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Polyglot: automatic extraction of protocol message format using dynamic binary analysis
Proceedings of the 14th ACM conference on Computer and communications security
Self-recovery in server programs
Proceedings of the 2009 international symposium on Memory management
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Loop-extended symbolic execution on binary programs
Proceedings of the eighteenth international symposium on Software testing and analysis
Proceedings of the 2008 workshop on New security paradigms
PIFT: efficient dynamic information flow tracking using secure page allocation
WESS '09 Proceedings of the 4th Workshop on Embedded Systems Security
DBTaint: cross-application information flow tracking via databases
WebApps'10 Proceedings of the 2010 USENIX conference on Web application development
Proceedings of the 2010 workshop on New security paradigms
Identifying the provenance of correlated anomalies
Proceedings of the 2011 ACM Symposium on Applied Computing
Static secure page allocation for light-weight dynamic information flow tracking
Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems
Dynamic information-flow analysis for multi-threaded applications
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Micro-architectural support for metadata coherence in multi-core dynamic information flow tracking
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Leveraging speculative architectures for runtime program validation
ACM Transactions on Embedded Computing Systems (TECS)
Obfuscation resilient binary code reuse through trace-oriented programming
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
The impact of the antivirus on the digital evidence
International Journal of Electronic Security and Digital Forensics
Hi-index | 0.00 |
We present Minos, a microarchitecture that implements Biba's low water-mark integrity policy on individual words of data. Minos stops attacks that corrupt control data to hijack program control flow, but is orthogonal to the memory model. Control data is any data that is loaded into the program counter on control-flow transfer, or any data used to calculate such data. The key is that Minos tracks the integrity of all data, but protects control flow by checking this integrity when a program uses the data for control transfer. Existing policies, in contrast, need to differentiate between control and noncontrol data a priori, a task made impossible by coercions between pointers and other data types, such as integers in the C language. Our implementation of Minos for Red Hat Linux 6.2 on a Pentium-based emulator is a stable, usable Linux system on the network on which we are currently running a web server (http://minos.cs.ucdavis.edu). Our emulated Minos systems running Linux and Windows have stopped ten actual attacks. Extensive full-system testing and real-world attacks have given us a unique perspective on the policy tradeoffs that must be made in any system, such as Minos; this paper details and discusses these. We also present a microarchitectural implementation of Minos that achieves negligible impact on cycle time with a small investment in die area, as well as and minor changes to the Linux kernel to handle the tag bits and perform virtual memory swapping.