Testudo: Heavyweight Security Analysis via Statistical Sampling

Proceedings of the Annual International Symposium on Microarchitecture, MICRO

Volumn , Issue 2008 PROCEEDINGS, 2008, Pages 117-128

  Greathouse, Joseph L ^a   Wagner, Ilya ^a   Ramos, David A ^a   Bhatnagar, Gautam ^a   Austin, Todd ^a   Bertacco, Valeria ^a   Pettie, Seth ^a  

^a UNIVERSITY OF MICHIGAN   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

BUS DESIGN; COVERAGE ANALYSIS; DATAFLOW; DISTRIBUTED DEBUGGING; DYNAMIC TYPE; HARDWARE MODIFICATIONS; HARDWARE PLATFORM; HARDWARE-ASSISTED; LOW HARDWARE COSTS; MEMORY OVERHEADS; MEMORY SYSTEMS; NOVEL HARDWARE; PERFORMANCE IMPACT; PIPELINE REGISTERS; RANDOM SET; RUNTIME OVERHEADS; SECURITY ANALYSIS; SECURITY VULNERABILITIES; SMALL SAMPLES; SOFTWARE BUG; SOFTWARE IMPLEMENTATION; STATISTICAL SAMPLING; STORAGE SPACES;

COMPUTER SOFTWARE; DATA FLOW ANALYSIS; DYNAMIC ANALYSIS; HARDWARE; PROGRAM DEBUGGING; SAMPLING; SECURITY OF DATA; SECURITY SYSTEMS; SET THEORY;

COST BENEFIT ANALYSIS;

EID: 66749133987     PISSN: 10724451     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MICRO.2008.4771784     Document Type: Conference Paper

References (35)

1. Bochs: The cross platform IA-32 emulator. http://bochs. sourceforge.net.
2. S. Chen, J. Xu, N. Nakka, Z. Kalbarczyk, and R. K. Iyer. Defeating memory corruption attacks via pointer taintedness detection. In Proc. of Dependable Systems and Networks (DSN), 2005.
3. T. M. Chilimbi and M. Hauswirth. Low-overhead memory leak detection using adaptive statistical profiling. In Proc. of Symposium on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2004.
4. R. Chinchani, A. Iyer, B. Jayaraman, and S. Upadhyaya. Insecure programming: how culpable is a language's syntax? In Proc. of Workshop on Information Assurance, 2003.
5. J. R. Crandall and R T. Chong. Minos: Control data attack prevention orthogonal to memory model. In Proc. of International Symposium on Micro architecture (MICRO), 2004.
6. M. Dalton, H. Kannan, and C. Kozyrakis. Raksha: a flexible information flow architecture for software security. In Proc of International Symposium on Computer Architecture, 2007.
7. H. de Vries. Chip-Architect.com, Feb. 2007. http://www. chip-architect.com/news/2007-02-19-Various-Images.html.
8. C. Evans. Libtiff-3.6.1 image decoder parsing flaws. http://scary.beasts. org/security/CESA-2004-006.txt, 2004.
9. A. Ho, M. Fetterman, C. Clark, A. Warfield, and S. Hand. Practical taint-based protection using demand emulation. In Proc. of European Conference in Computer Systems, 2006.
10. Intel Corporation. Intel 64 and IA-32 software developer's manual - volume 3A. http://developer.intel.com/design/processor/manuals/253668.pdf.
11. E. Larson and T. Austin. High coverage detection of input-related security faults. In Proc. of USENIX Security Conference, Aug. 2003.
12. L.C. Lam and T.C. Chiueh. Checking array bound violation using segmentation hardware. In Proc. of Dependable Systems and Networks (DSN), 2005.
13. B. Liblit, A. Aiken, A. X. Zheng, and M. I. Jordan. Bug isolation via remote program sampling. In Proc. of ACM Conference on Programming Language Design and Implementation, 2003.
14. B. Liblit, M. Naik, A. Zheng, A. Aiken, and M. Jordan. Scalable statistical bug isolation. In Proc. of ACM Conference on Programming Language Design and Implementation, 2005.
15. M. Bushnell, V. Agrawal. Essentials of Electronic Testing for Digital, Memory and Mixed-Signal VLSI circuits. Springer, 2000.
16. P. S. Magnusson, M. Christensson, J. Eskilson, D. Forsgren, G. Hållberg, J. Högberg, F. Larsson, A. Moestedt, and B. Werner. Simics: A full system simulation platform. IEEE Computer, 35(2), 2002.
17. S. McCamant and M. D. Ernst. Quantitative information-flow tracking for c and related languages. Technical report, MIT-CSAIL, Nov. 2006.
18. Microsoft Corp. Microsoft 2002 annual report and form 10-k. http://www.microsoft.com/msft/ar02/.
19. U. G. Nawathe, M. Hassan, L. Warriner, K. Yen, B. Upputuri, D. Greenhill, A. Kumar, and H. Park. An 8-core, 64-thread, 64-bit, power efficient SPARC SoC: (Niagara 2). In Proc. of International Solid State Circuits Conference (ISSCC), 2007.
20. Netcraft Ltd. April 2008 web server survey. http://news.netcraft.com/ archives/2008/04/14/april-2008-web-server-survey.html.
21. N. Nethercote and J. Fitzhardinge. Bounds-checking entire programs without recompiling. In Proc. of Workshop on Semantics, Program analysis, and Computing Environments for Memory Mamagement (SPACE), Jan. 2004.
22. N. Nethercote and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. In Proc. of ACM Conference on Programming Language Design and Implementation, June 2007.
23. J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Proc. of Network and Distributed System Security Symposium (NDSS), 2005.
24. E. B. Nightingale, D. Peek, P. M. Chen, and J. Flinn. Parallelizing security checks on commodity hardware. In Proc. of Symposium on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2008.
25. F. Qin, C. Wang, Z. Li, H.-S. Kim, Y. Zhou, and Y. Wu. LIFT: A low-overhead practical information flow tracking system for detecting security attacks. In Proc. of International Symposium on Microarchitecture (MICRO), 2006.
26. SecurityFocus. Lynx NNTP article header buffer overflow vulnerability. http://www.securityfocus.com/bid/15117/info, Nov. 2005.
27. SecurityFocus. Eggdrop server module message handling remote buffer overflow vulnerability. http://www.securityfocus. com/bid/24070/info, May 2007.
28. G. E. Suh, J. W Lee, D. Zhang, and S. Devadas. Secure program execution via dynamic information flow tracking. In Proc. of Symposium on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2004.
29. N. Suzuki and K. Ishihata. Implementation of an array bound checker. In Proc. of ACM Symposium on Principles of Programming Languages (POPL), 1977.
30. The Month of Apple Bugs. Multiple vendor PDF document catalog handling vulnerability. http://projects.info-pull.com/moab/MOAB-06-01-2007.html, June 2007.
31. S. Thoziyoor, N. Muralimanohar, and N. Jouppi. CACTI 5.0. http://www.hpl.hp.com/techreports/2007/HPL-2007-167. pdf, Oct. 2007.
32. N. Vachharajani, M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August. RIFLE: An architectural framework for user-centric information-flow security. In Proc. of International Symposium on Microarchitecture (MICRO), 2004.
33. G. Venkataramani, I. Doudalis, Y. Solihin, and M. Prvulovic. FlexiTaint: A programmable accelerator for dynamic taint propagation. In Proc. of International Symposium on High-Performance Computer Architecture (HPCA), 2006.
34. B. Waldecker. AMD Quad Core Processor Overview. http://www.nccs.gov/wp- content/training/scaling-workshop-pdfs/AMD-ORNL-073007.pdf.
35. W. Xu, S. Bhatkar, and R. Sekar. Taint-enhanced policy enforcement: A practial approach to defeat a wide range of attacks. In Proceedings of USENIX Security Conference, 2006.