SIFT: A low-overhead dynamic information flow tracking architecture for SMT processors

Proceedings of the 8th ACM International Conference on Computing Frontiers, CF'11

Volumn , Issue , 2011, Pages

  Ozsoy, Meltem ^a   Ponomarev, Dmitry ^a   Abu Ghazaleh, Nael ^a   Suri, Tameesh ^b  

^a State University of New York at Binghamton   (United States)

^b INTEL CORPORATION   (United States)

Author keywords

dynamic information flow tracking; microarchitecture; security; simultaneous multithreading

Indexed keywords

AREA OVERHEAD; BASE DESIGN; BUFFER OVERFLOWS; CHIP MANUFACTURERS; CODE INJECTION ATTACKS; DYNAMIC INFORMATION FLOW TRACKING; HARDWARE IMPLEMENTATIONS; MICRO ARCHITECTURES; PERFORMANCE PENALTIES; PREFETCHING; SECURITY; SHADOW MEMORIES; SIMULTANEOUS MULTI-THREADING; SOFTWARE-BASED;

COMPUTER ARCHITECTURE; HARDWARE; NETWORK SECURITY; OPTIMIZATION; PROGRAM PROCESSORS;

MULTITASKING;

EID: 80052525471     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2016604.2016650     Document Type: Conference Paper

References (31)

1. Opensparc t1 micro architecture specification. In Sun Microsystems, Inc., Mar. 2006.
2. Tsmc 90nm core library - tcbn90ghp. In Application Note - Revision 1.2, Mar. 2006.
3. Aleph One. Smashing the stack for fun and profit, Nov. 1996.
4. Cert advisory ca-2001-33: Multiple vulnerabilities in wu-ftpd., Nov. 2001. Available online at http://www.cert.org/advisories/CA-2001-33.html.
5. Cert advisory ca-2002-12: Format string vulnerability in isc dhcpd., May 2002. Available online at http://www.cert.org/advisories/CA-2002-12.html.
6. H. Chen, X. Wu, L. Yuan, B. Z. P. Yew, and F. T.Chong. From speculation to security: Practical and efficient information flow tracking using speculative hardware. In ISCA, June 2008.
7. S. Chen, M. Kozuch, T. Strigkos, B. Falsafi, P. B.Gibbons, T. C.Mowry, V. Ramachandran, O. Ruwase, M. Ryan, and E. Vlachos. Flexible hardware acceleration for instruction-grain program monitoring. In ISCA, June 2008.
8. C. Cowan, C. Pu, D. Maier, H. Hintony, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proc. of Usenix Security Symp., 1998.
9. M. Dalton, H. Kannan, and C. Kozyrakis. Raksha: A flexible information flow architecture for software security. In ISCA, June 2007.
10. M. Dalton, H. Kannan, and C. Kozyrakis. Real world buffer overflow protection for userspace and kernelspace. In Proc. USENIX Security Symp., July 2008.
11. G. E.Suh, J. W.Lee, D. Zhang, and S. Devadas. Secure program execution via dynamic information flow tracking. In ASPLOS, Oct. 2004.
12. T. Garfinkel, B. Pfaff, and M. Rosenblum. Ostia: A delegating architecture for secure system call interposition. In NDSS, Feb. 2004.
13. N. Heintze and J. Riecke. The slam calculus: Programming with secrecy and integrity. In POPL, 1998.
14. T. Jim and M. Rajagopalan. System call monitoring using authenticated system calls. In TDSC, 2006.
15. H. Kannan, M. Dalton, and C. Kozyrakis. Decoupling dynamic information flow tracking with a dedicated coprocessor. In DSN, June 2009.
16. G. Kc, A. Keromytis, and V. Prevelakis. Countering code-injection attacks with instruction-set randomization. In ACM CCS, 2003.
17. M. Conover and w00w00 Security Team. w00w00 on heap overflows, Jan. 1999. Available online at http: //www.w00w00.org/files/articles/heaptut.txt.
18. M-sim version 3.0, code and documentation, 2005. Available online at:http://www.cs.binghamton.edu/~msim.
19. A. Myers. Jflow: Practical mostly static information flow control. In POPL, 1999.
20. A. Myers and B. Liskov. Proteccting provacy using decentralized lebel model. In ACM TOSEM, (4), pp.410-422, 2000.
21. First the tick, now the tock: Intel microarchitecture (nehalem), 2009. Available online at: http://www.intel.com/technology/architecture-silicon/next- gen/319724.pdf.
22. J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In NDSS, Feb. 2005.
23. E. Nightingale, D. Peek, and P. Chen. Parallelizing security checks on commodity hardware. In ASPLOS, 2008.
24. S. Palacharla, N. Jouppi, and J. E. Smith. Complexity effective superscalar processors. In ISCA, June 1997.
25. F. Qin, C. Wang, Z. Li, H. Kim, Y. Zhou, and Y. Wu. Lift: A low-overhead practical information flow tracking system for detecting security attacks. In MICRO, Dec. 2006.
26. B. Sinharoy. Power 7 multicore processor design. In Keynote talk at MICRO, Dec. 2009.
27. C. D. Spradling. Spec cpu2006 benchmark tools. SIGARCH Comput. Archit. News, 35(1):130-134, 2007.
28. Us-cert, 2009. Available online at: http://www.us-cert.gov/.
29. H. K. V. Nagarajan, Y. Wu, and R. Gupta. Dynamic information flow tracking on multicores. In INTERACT, Feb. 2008.
30. G. Venkataramani, I. Doudalis, and Y. Solihin. FlexiTaint: A programmable accelerator for dynamic taint propagation. In HPCA, 2008.
31. W. Xu, E. Bhatkar, and R. Sekar. Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks. In Proc. USENIX Security Symp., Aug. 2006.