Leveraging microarchitectural side channel information to efficiently enhance program control flow integrity
Stack buffer overflow is a serious security threat to program execution. A malicious attacker may overwrite the return address of a procedure to alter its control flow and hence change its functionality. While a number of hardware and/or software based protection schemes have been developed, these c...
Uloženo v:
| Vydáno v: | 2014 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS) : October 12-17, 2014, Jaypee Greens Golf and Spa Resort, New Delhi, India s. 1 - 9 |
|---|---|
| Hlavní autoři: | , , |
| Médium: | Konferenční příspěvek |
| Jazyk: | angličtina |
| Vydáno: |
ACM
01.10.2014
|
| Témata: | |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | Stack buffer overflow is a serious security threat to program execution. A malicious attacker may overwrite the return address of a procedure to alter its control flow and hence change its functionality. While a number of hardware and/or software based protection schemes have been developed, these counter-measures introduce sizable overhead in performance and energy, thus limiting their applicability to embedded systems. To reduce such overhead, our goal is to develop a low-cost scheme to "filter out" potential stack buffer overflow attacks. Our observation is that attacks to control flow will trigger certain microarchitectural events, such as mis-predictions in the return address stack or misses in the instruction cache. We therefore propose a hardware-based scheme to monitor these events. Only upon detecting any suspicious behavior, a more precise but costly diagnosis scheme will be invoked to thoroughly check control flow integrity. Meanwhile, to further reduce the rate of false positives of the security filter, we propose three enhancements to the return address stack, instruction prefetch engine and instruction cache, respectively. The results show that these enhancements effectively reduce more than 95% of false positives with almost no false negatives introduced. |
|---|---|
| AbstractList | Stack buffer overflow is a serious security threat to program execution. A malicious attacker may overwrite the return address of a procedure to alter its control flow and hence change its functionality. While a number of hardware and/or software based protection schemes have been developed, these counter-measures introduce sizable overhead in performance and energy, thus limiting their applicability to embedded systems. To reduce such overhead, our goal is to develop a low-cost scheme to "filter out" potential stack buffer overflow attacks. Our observation is that attacks to control flow will trigger certain microarchitectural events, such as mis-predictions in the return address stack or misses in the instruction cache. We therefore propose a hardware-based scheme to monitor these events. Only upon detecting any suspicious behavior, a more precise but costly diagnosis scheme will be invoked to thoroughly check control flow integrity. Meanwhile, to further reduce the rate of false positives of the security filter, we propose three enhancements to the return address stack, instruction prefetch engine and instruction cache, respectively. The results show that these enhancements effectively reduce more than 95% of false positives with almost no false negatives introduced. |
| Author | Yuanqi Shen Chen Liu Chengmo Yang |
| Author_xml | – sequence: 1 surname: Chen Liu fullname: Chen Liu email: liuchen@udel.edu organization: Dept. of Electr. & Comput. Eng., Univ. of Delaware, Newark, DE, USA – sequence: 2 surname: Chengmo Yang fullname: Chengmo Yang email: chengmo@udel.edu organization: Dept. of Electr. & Comput. Eng., Univ. of Delaware, Newark, DE, USA – sequence: 3 surname: Yuanqi Shen fullname: Yuanqi Shen email: syq@udel.edu organization: Dept. of Electr. & Comput. Eng., Univ. of Delaware, Newark, DE, USA |
| BookMark | eNotjMFKAzEURSMoqLVrF27yA60vSTOZLKWoFQpudF0yry_TSCYpmaj07x3U1YF777nX7DzlRIzdClgKsdL3stENGL38pZVnbG5NOxWgFGgBl2w-jh8AMEXaGnXF4pa-qLg-pJ4PAUt2BQ-hEtbP4iIfw544HlxKFHlIPpfB1ZATr5mT9wEDpRpPnNK0QeLHkvviBo451ZIj9zF_T16lvoR6umEX3sWR5v-csfenx7f1ZrF9fX5ZP2wXTq5MXZDUvjOIDSkAZdGtwDQKupZgD6bVVghtOtv4TigvtCfTepQgBU6iR6Nm7O7vNxDR7ljC4Mpp11gjWinUDxG2Ww4 |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1145/2656075.2656092 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEL(IEEE/IET Electronic Library ) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9781450330510 1450330517 |
| EndPage | 9 |
| ExternalDocumentID | 6971821 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL ACM ALMA_UNASSIGNED_HOLDINGS APO CBEJK GUFHI LHSKQ RIE RIL |
| ID | FETCH-LOGICAL-a247t-e25fb7cc6e30039ca407630b8e0d078591157b96fb13f15fe78fc2021c25ffc73 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 1 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000454641600005&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 04:53:48 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a247t-e25fb7cc6e30039ca407630b8e0d078591157b96fb13f15fe78fc2021c25ffc73 |
| PageCount | 9 |
| ParticipantIDs | ieee_primary_6971821 |
| PublicationCentury | 2000 |
| PublicationDate | 2014-Oct. |
| PublicationDateYYYYMMDD | 2014-10-01 |
| PublicationDate_xml | – month: 10 year: 2014 text: 2014-Oct. |
| PublicationDecade | 2010 |
| PublicationTitle | 2014 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS) : October 12-17, 2014, Jaypee Greens Golf and Spa Resort, New Delhi, India |
| PublicationTitleAbbrev | CODESISSS |
| PublicationYear | 2014 |
| Publisher | ACM |
| Publisher_xml | – name: ACM |
| SSID | ssj0001455973 |
| Score | 1.5684235 |
| Snippet | Stack buffer overflow is a serious security threat to program execution. A malicious attacker may overwrite the return address of a procedure to alter its... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 1 |
| SubjectTerms | Accuracy Hardware Instruction Cache Monitoring Prefetching Radiation detectors Return Address Stack Runtime Security Stack Buffer Overflow |
| Title | Leveraging microarchitectural side channel information to efficiently enhance program control flow integrity |
| URI | https://ieeexplore.ieee.org/document/6971821 |
| WOSCitedRecordID | wos000454641600005&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV07T8MwELZKxcBUoEW8dQMj6SOO42RGVAyo6gBSt8p2zgIpJKikIP49Pse0HViY8pAiS_Y5Pvu-B2M3WituCDYoJ0JFLgN3c86S3UvBVSy0TQzX3mxCzmbZYpHPO-x2w4VBRA8-wyHd-lp-UZs1HZWN0tz9SYk1vielbLla2_OUhHJjHtR73NMoJl0ZKYb-SqXOHfsUv3pMe_9r95ANtjQ8mG8WmCPWweqY9X59GCBMyz4rH9EFpLcbgjcC2O1UB1QJZMgJRPCtsIQglErDAU0N6BUkXOvlN2D1QiEAAbIFAcUOtqy_oJWVcCn7gD1P75_uHqLgohCpOJFNhLGwWhqTIicirlFuC5fysc5wXLj8QOQkt6Pz1OoJtxNhUWbWxG7pN-5DayQ_Yd2qrvCUgUXO3S5WjLkoEs1zldpMcy5cNPpy6RnrU-ct31uhjGXot_O_X1-wA5d9JC0y7pJ1m9Uar9i--WxeP1bXfnR_ADkYqPY |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3NS8MwFH-MKehp6iZ-m4NHu61N04-zOCbWscOE3UaTvqBQW5md4n9vXlq3Hbx46geUQPLSvOT9PgBupEy5Ithg6IrUMRm4mXOa7F4ynnpCal9xac0mwskkms_jaQtu11wYRLTgM-zTra3lZ6Va0VHZIIjNn5RY4zvC9z23ZmttTlR8yo55o99jngYeKcuEom-vVOzcMlCx68eo87-WD6C3IeKx6XqJOYQWFkfQ-XViYM3E7EKeoAlJazjE3ghit1UfSHNGlpyMKL4F5qyRSqUBYVXJ0GpImNbzb4bFCwUBa0BbrMGxM52XX6wWljBJew-eR_ezu7HT-Cg4qeeHlYOe0DJUKkBOVFyVmk1cwIcywmFmMgQRk-COjAMtXa5doTGMtPLM4q_Mh1qF_BjaRVngCTCNnJt9rBhykfmSx2mgI8m5MPFoC6an0KXOW7zXUhmLpt_O_n59DXvj2VOySB4mj-ewb3IRv8bJXUC7Wq7wEnbVZ_X6sbyyI_0DLROsPQ |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2014+International+Conference+on+Hardware%2FSoftware+Codesign+and+System+Synthesis+%28CODES%2BISSS%29+%3A+October+12-17%2C+2014%2C+Jaypee+Greens+Golf+and+Spa+Resort%2C+New+Delhi%2C+India&rft.atitle=Leveraging+microarchitectural+side+channel+information+to+efficiently+enhance+program+control+flow+integrity&rft.au=Chen+Liu&rft.au=Chengmo+Yang&rft.au=Yuanqi+Shen&rft.date=2014-10-01&rft.pub=ACM&rft.spage=1&rft.epage=9&rft_id=info:doi/10.1145%2F2656075.2656092&rft.externalDocID=6971821 |