XFI: Software guards for system address spaces

OSDI 2006 - 7th USENIX Symposium on Operating Systems Design and Implementation

Volumn , Issue , 2006, Pages 75-88

  Erlingsson, Úlfar ^a   Abadi, Martín ^a   Vrable, Michael ^b   Budiu, Mihai ^a   Necula, George C ^c  

^a UNIVERSITY OF CALIFORNIA   (United States)

^b UNIVERSITY OF CALIFORNIA   (United States)

^c UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL; LEGACY SYSTEMS; SYSTEMS ANALYSIS;

ADDRESS SPACE; COMMODITY SYSTEMS; DEVICE DRIVER; EXECUTION MODEL; LEGACY CODE; MULTIMEDIA CODEC; PROTECTION SYSTEMS; STAND -ALONE;

STATIC ANALYSIS;

EID: 78651539599     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (44)

1. M. Abadi, M. Budiu, Ú. Erlingsson, and J. Ligatti. A theory of secure control flow. In International Conf. on Formal Engineering Methods, 2005.
2. M. Abadi, M. Budiu, Ú. Erlingsson, and J. Ligatti. Control-flow integrity: Principles, implementations, and applications. In ACM Computer and Communications Security Conf., 2005.
3. A. W. Appel and A. P. Felty. A semantic model of types and machine instructions for proof-carrying code. In POPL, 2000.
4. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In SOSP, 2003.
5. B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers, and S. Eggers. Extensibility, safety and performance in the SPIN operating system. In SOSP, 1995.
6. B. N. Bershad, S. Savage, P. Pardyak, D. Becker, M. Fiuczynski, and E. G. Sirer. Protection is a software issue. In HotOS, 1995.
7. D. Box. Essential COM. Addison-Wesley, 1997.
8. D. Bruening, T. Garnett, and S. Amarasinghe. An infrastructure for adaptive dynamic optimization. In Symp. on Code Generation and Optimization, 2003.
9. M. Budiu, Ú. Erlingsson, and M. Abadi. Architectural support for software-based protection. Technical Report MSR-TR-2006-115, Microsoft Research, 2006.
10. A. Chander, D. Espinosa, N. Islam, P. Lee, and G. C. Necula. Enforcing resource bounds via static verification of dynamic checks. In European Symp. on Programming, 2005.
11. B.-Y. E. Chang, A. Chlipala, and G. C. Necula. A framework for certified program analysis and its applications to mobile-code safety. In International Conf. on Verification, Model Checking, and Abstract Interpretation, 2006.
12. S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. Iyer. Non-control-data attacks are realistic threats. In Usenix Security, 2005.
13. C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Usenix Security, 1998.
14. R. Desikan, D. C. Burger, S. W. Keckler, and T. Austin. Simalpha: a validated, execution-driven Alpha 21264 simulator. Technical Report TR-01-23, U.T. Austin, Dept. of C.S., 2003.
15. P. Deutsch and C. A. Grant. A flexible measurement tool for software systems. In Information Processing (Proc. of the IFIP Congress), 1971.
16. Ú. Erlingsson and F. B. Schneider. SASI enforcement of security policies: A retrospective. In New Security Paradigms, 1999.
17. Ú. Erlingsson and F. B. Schneider. IRM enforcement of Java stack inspection. In IEEE Symp. on Security and Privacy, 2000.
18. K. Hamlen, G. Morrisett, and F. B. Schneider. Certified in-lined reference monitoring on .NET. In ACM Workshop on Programming Languages and Analysis for Security, 2006.
19. G. C. Hunt, J. R. Larus, M. Abadi, M. Aiken, P. Barham, M. Fahndrich, C. Hawblitzel, O. Hodson, S. Levi, N. Murphy, B. Steensgaard, D. Tarditi, T. Wobber, and B. Zill. An overview of the Singularity project. Technical Report MSR-TR-2005-135, Microsoft Research, 2005.
20. Independent JPEG Group. Reference implementation for JPEG image compression, 1998. http://www.ijg.org/.
21. V. Kiriansky, D. Bruening, and S. Amarasinghe. Secure execution via program shepherding. In Usenix Security, 2002.
22. C. Lee, M. Potkonjak, and W. H. Mangione-Smith. MediaBench: a tool for evaluating and synthesizing multimedia and communications systems. In MICRO, 1997.
23. J. LeVasseur, V. Uhlig, J. Stoess, and S. Götz. Unmodified device driver reuse and improved system dependability via virtual machines. In OSDI, 2004.
24. T. Lindholm and F. Yellin. The Java Virtual Machine Specification. Addison-Wesley, 1996.
25. S. McCamant and G. Morrisett. Evaluating SFI for a CISC architecture. In Usenix Security, 2006.
26. Microsoft Corp. Windows Driver Foundation (WDF), 2006. http://www.microsoft.com/whdc/driver/wdf/.
27. J. Mogul, R. Rashid, and M. Accetta. The packet filter: An efficient mechanism for user-level network code. ACM Operating Systems Review, SIGOPS, 21(5), 1987.
28. G. Morrisett, D. Walker, K. Crary, and N. Glew. From System F to typed assembly language. In POPL, 1998.
29. G. C. Necula. Proof-carrying code. In POPL, 1997.
30. W. Oney. Programming the Microsoft Windows Driver Model. Microsoft Press, second edition, 2002.
31. M. Pietrek. A crash course on the depths of Win32 structured exception handling. Microsoft Systems Journal, 1997. http://www.microsoft.com/msj/0197/.
32. J. Pincus and B. Baker. Beyond stack smashing: Recent advances in exploiting buffer overruns. IEEE Security and Privacy, 2(4), 2004.
33. V. Prasad, W. Cohen, F. C. Eigler, M. Hunt, J. Keniston, and B. Chen. Locating system problems using dynamic instrumentation. In Ottawa Linux Symp., 2005.
34. M. E. Russinovich and D. A. Solomon. Microsoft Windows Internals. Microsoft Press, fourth edition, 2004.
35. S. Savage and B. N. Bershad. Some issues in the design of extensible operating systems. In OSDI, 1994.
36. C. Small and M. I. Seltzer. MiSFIT: Constructing safe extensible systems. IEEE Concurrency: Parallel, Distributed and Mobile Computing, 6(3), 1998.
37. A. Srivastava, A. Edwards, and H. Vo. Vulcan: Binary transformation in a distributed environment. Technical Report MSR-TR-2001-50, Microsoft Research, 2001.
38. M. M. Swift, M. Annamalai, B. N. Bershad, and H. M. Levy. Recovering device drivers. In OSDI, 2004.
39. M. M. Swift, B. N. Bershad, and H. M. Levy. Improving the reliability of commodity operating systems. In SOSP, 2003.
40. R. von Behren, J. Condit, F. Zhou, G. C. Necula, and E. Brewer. Capriccio: Scalable threads for Internet services. In SOSP, 2003.
41. R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Efficient software-based fault isolation. In SOSP, 1993.
42. E. Witchel and K. Asanovic. Hardware works, software doesn’t: Enforcing modularity with Mondriaan memory protection. In HotOS, 2003.
43. E. Witchel, J. Cates, and K. Asanović. Mondrian memory protection. In ASPLOS, 2002.
44. E. Witchel, J. Rhee, and K. Asanović. Mondrix: Memory isolation for Linux using Mondriaan memory protection. In SOSP, 2005.