From Speculation to Security Practical and Efficient Information Flow Tracking Using Speculative Hardware

Dynamic information flow tracking (also known as taint tracking) is an appealing approach to combat various security attacks. However, the performance of applications can severely degrade without hardware support for tracking taints. This paper observes that information flow tracking can be efficien...

Full description

Saved in:
Bibliographic Details
Published in:2008 International Symposium on Computer Architecture pp. 401 - 412
Main Authors: Chen, Haibo, Wu, Xi, Yuan, Liwei, Zang, Binyu, Yew, Pen-chung, Chong, Frederic T.
Format: Conference Proceeding
Language:English
Published: Washington, DC, USA IEEE Computer Society 01.06.2008
IEEE
Series:ACM Conferences
Subjects:
Application software
Computer science
Computer security
Computer systems organization > Architectures > Distributed architectures > Grid computing
Computer systems organization > Architectures > Parallel architectures > Multicore architectures
Computer systems organization > Architectures > Serial architectures > Superscalar architectures
Computer systems organization > Dependable and fault-tolerant systems and networks
Computing methodologies > Modeling and simulation > Simulation types and techniques > Massively parallel and high-performance simulations
Deferred Exception
Dynamic Information Flow Tracking
General and reference > Cross-computing tools and techniques > Performance
Hardware
Hardware > Very large scale integration design > Application-specific VLSI designs > Application specific processors
Information security
Instruments
Measurement
Networks > Network performance evaluation
Prototypes
Registers
Security and privacy > Systems security > Information flow control
Security and privacy > Systems security > Operating systems security
Software and its engineering > Software organization and properties > Software system structures > Distributed systems organizing principles > Grid computing
Software prototyping
Speculative Execution
Taint tracking
Speculative Execution
Taint tracking
Deferred Exception
Dynamic Information Flow Tracking
ISBN:9780769531748, 0769531741
ISSN:1063-6897
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Dynamic information flow tracking (also known as taint tracking) is an appealing approach to combat various security attacks. However, the performance of applications can severely degrade without hardware support for tracking taints. This paper observes that information flow tracking can be efficiently emulated using deferred exception tracking in microprocessors supporting speculative execution. Based on this observation, we propose SHIFT, a low-overhead, software-based dynamic information flow tracking system to detect a wide range of attacks. The key idea is to treat tainted state (describing untrusted data) as speculative state (describing deferred exceptions). SHIFT leverages existing architectural support for speculative execution to track tainted state in registers and needs to instrument only load and store instructions to track tainted state in memory using a bitmap, which results in significant performance advantages. Moreover, by decoupling mechanisms for taint tracking from security policies, SHIFT can detect a wide range of exploits, including high-level semantic attacks. We have implemented SHIFT using the Itanium processor, which has support for deferred exceptions, and by modifying GCC to instrument loads and stores. A security assessment shows that SHIFT can detect both low-level memory corruption exploits as well as high-level semantic attacks with no false positives. Performance measurements show that SHIFT incurs about 1% overhead for server applications. The performance slowdown for SPEC-INT2000 is 2.81X and 2.27X for tracking at byte-level and wordlevel respectively. Minor architectural improvements to the Itanium processor (adding three simple instructions) can reduce the performance slowdown down to 2.32X and 1.8X for byte-level and word-level tracking, respectively.
ISBN:9780769531748
0769531741
ISSN:1063-6897
DOI:10.1109/ISCA.2008.18