InfoShield: A security architecture for protecting information usage in memory

Proceedings - International Symposium on High-Performance Computer Architecture

Volumn 2006, Issue , 2006, Pages 225-234

  Shi, Weidong ^a   Lee, Hsien Hsin S ^a   Fryman, Joshua B ^b   Zhang, Youtao ^c   Gu, Guofei ^a   Yang, Jun ^d  

^a GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

^b INTEL CORPORATION   (United States)

^c University of Pittsburgh   (United States)

^d University of California Riverside   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INTERNET USERS; MEMORY SCAN; NON-VOLATILE MEMORY; PASSWORDS;

CRYPTOGRAPHY; DATA PRIVACY; DATA STORAGE EQUIPMENT; ELECTRONIC COMMERCE; HARD DISK STORAGE; INTERNET; SCANNING; SECURITY OF DATA; SEMANTICS; SERVERS;

COMPUTER SYSTEM FIREWALLS;

EID: 33748870010     PISSN: 15300897     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HPCA.2006.1598131     Document Type: Conference Paper

References (35)

1. M. Abadi, A. Banerjee, N. Heintze, and J. G. Riecke. A Core Calculus of Dependency. In Proceedings of the ACM Symposium on Principles of Programming Languages, 1999.
2. Aleph One. Smashing the stack for fun and profit. Phrack, 7(49), November 1996.
3. J. Chow, B. Pfaff, T. Garfinkel, K. Christopher, and M. Rosenblum. Understanding Data Lifetime via Whole System Simulation. In USENIX Security Symposium, 2004.
4. C. Cowan, M. Barringer, S. Beattie, and O. Kroah-Hartman. FormatGuard: Automatic Protection From printf Format String Vulnerabilities. In USENIX Security Symposium, 2001.
5. C. Cowan, C. Pu, D. Maier, H. Hinton, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security Symposium, 1998.
6. CyberCrime. http://www.ssg-inc.net/cyber.crime/cyber.crime.html.
7. D. E. Denning and P. J. Denning. Certification of programs for secure information flow. Commun. ACM, 20(7):504-513, 1977.
8. B. Friesen. Passwordspy - retrieving lost passwords using windows hooks. http://www.codeproject.com/.
9. B. Gassend, G. E. Suh, D. Clarke, M. van Dijk, and S. Devadas. Caches and Hash Trees for Efficient Memory Integrity Verification. In Proceedings of the Ninth Annual Symposium on High Performance Computer Architecture, 2003.
10. N. Heintze and J. O. Riecke. The SLam calculus: programming with secrecy and integrity. In Proceedings of the ACM Symposium on Principles of Programming Languages, 1998.
11. iDefense. http://www.idefense.com/advisory/01.28.03.txt.
12. I. Ivanov. Api hooking revealed, http://www.codeproject.com/.
13. A. K. Jones and B. H. Liskov. A language extension for expressing constraints on data access. Commun. ACM, 21(5):358-367, 1978.
14. K. Lawton. Welcome to the Bochs x86 PC Emulation Software Home Page. http://www.bochs.com.
15. A. Kumar. Discovering passwords in the memory. http://www.infosecwriters. com/text_resources/, 2004.
16. D. Larochelle and D. Evans. Statically Detecting Likely Buffer Overflow Vulnerabilities. In USENIX Security Symposium, 2001.
17. P. Laud. Semantics and Program Analysis of Computationally Secure Information Flow. In Proceedings of the 10th European Symposium on Programming Languages and Systems, 2001.
18. R. Levin, E. Cohen, W. Corwin, and W. Wulf. Policy/mechanism Separation in Hydra. In Proceedings of the ACM Symposium on Operating Systems Principles, 1975.
19. D. Lie, C. Thekkath, M. Mitchell, P. Lincoln, D. B. J. Mitchell, and M. Horowitz. Architectual support for copy and tamper resistant software. In Proceedings of the 9th Symposium on Architectural Support for Programming Languages and Operating Systems, 2000.
20. MITRE, http://cve.mitre.org/.
21. A. C. Myers and B. Liskov. Protecting privacy using the decentralized label model. ACM Trans. Softw. Eng. Methodol., 9(4):410-442, 2000.
22. G. C. Necula. Proof-carrying code. In Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pages 106-119. ACM Press, 1997.
23. G. C. Necula and P. Lee. Efficient representation and validation of proofs. In Proceedings of the 13th Annual IEEE Symposium on Logic in Computer Science, 1998.
24. N.Hardy. The keykos architecture. In Operating Systems Review, 1985.
25. F. Qin, S. Lu, and Y. Zhou. SafeMem: Exploiting ECC-Memory for Detecting Memory Leaks and Memory Corruption During Production Runs. In International Symposium on High-Performance Computer Architecture, 2005.
26. Scut. Exploiting format string vulnerabilities. 2001.
27. SecurityResponse. http://securityresponse.symantec.com/.
28. A. Shamir and N. van Someren. Playing hide and seek with stored keys.
29. G. Smith and D. Volpano. Secure Information Flow in a Multi-threaded Imperative Language. In Proceedings of the Symposium on Principles of Programming Languages, 1998.
30. E. G. Suh, D. Clarke, M. van Dijk, B. Gassend, and S.Devadas. AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing . In Proceedings of The Int'l Conference on Supercomputing, 2003.
31. N. Vachharajani, M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August. RIFLE: An Architectural Framework for User-Centric Information-Flow Security. In Proceedings of the 37th International Symposium on Microarchitecture, 2004.
32. VirusLibarary. http://www.viruslibrary.com/.
33. D. Volpano and G. Smith. Verifying Secrets and Relative Secrecy. In Proceedings of the Symposium on Principles of Programming Languages, 2000.
34. E. Witchel, J. Cates, and K. Asanovic. Mondrian Memory Protection. In Proceedings of the Int'l Conf. on Architectural Support for Programming Languages and Operating Systems, 2002.
35. www.ncipher.com.