Asynchronous hardware-enforced memory safety

Tseng, Kuan-Yu

Permalink

https://hdl.handle.net/2142/45568 Copy

Description

Title

Asynchronous hardware-enforced memory safety

Author(s)

Tseng, Kuan-Yu

Issue Date

2013-08-22T16:48:05Z

Director of Research (if dissertation) or Advisor (if thesis)

• Iyer, Ravishankar K.
• Kalbarczyk, Zbigniew T.

Department of Study

Computer Science

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

M.S.

Degree Level

Thesis

Keyword(s)

• Memory Safety
• Memory errors
• Hardware
• Field-Programmable Gate Array (FPGA)
• Memory Corruption Attacks
• C Programming language
• Bounds checking

Abstract

Memory corruption attacks, such as buffer overflow attacks, have been threatening software security for more than three decades. Despite tremendous efforts by developers and researchers to prevent programs written in memory-unsafe language (e.g., C/C++) from memory errors (the root cause of memory corruption attacks), the drawbacks and limitations of prior protection mechanisms impede their wide deployment. Prior approaches suffer from either (1) incomplete coverage of memory errors, (2) prohibitively high runtime overhead, (3) weak protection for metadata used by the approach, (4) low source compatibility to legacy code, (5) low binary compatibility to compiled binaries, (6) limited modularity support, or (7) low scalability for larger programs. This thesis presents AHEMS, an architectural support that ensures both spatial and temporal memory safety based on the pointer-based approach to overcome the aforementioned drawbacks. AHEMS provides three novel features that allow for fast, flexible, and secure memory safety checking. First, AHEMS checks memory safety asynchronously to the main processor so that the runtime overhead is very low. Second, AHEMS can be flexibly implemented either in a processor, as a co-processor, or as an external device, depending on the designer's choice. Third, AHEMS provides physical isolation for the metadata (i.e., base and bounds information) so that the metadata cannot be tampered with by any means. We implement an FPGA prototype for AHEMS that allows us to evaluate its detection coverage, runtime overhead, critical path, hardware overhead, and power consumption. Our experiment shows that AHEMS passes 676 security test cases out of 11 different CWEs (including spatial and temporal memory errors) and only incurs as little as 10.6% runtime overhead with a negligible impact on the critical path (0.06% overhead) and power consumption (0.5% overhead).

Graduation Semester

2013-08

Permalink

http://hdl.handle.net/2142/45568

Copyright and License Information

Copyright 2013 Kuan-Yu Tseng

Owning Collections