Secure virtual architecture: security for commodity software systems

Criswell, John

Permalink

https://hdl.handle.net/2142/50547 Copy

Description

Title

Secure virtual architecture: security for commodity software systems

Author(s)

Criswell, John

Issue Date

2014-09-16

Director of Research (if dissertation) or Advisor (if thesis)

Adve, Vikram S.

Doctoral Committee Chair(s)

Adve, Vikram S.

Committee Member(s)

• Parthasarathy, Madhusudan
• King, Samuel T.
• Morrisett, Greg

Department of Study

Computer Science

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

Ph.D.

Degree Level

Dissertation

Keyword(s)

• secure virtual architecture
• computer security
• security
• compilers
• operating systems
• LLVM compiler infrastructure project
• Low Level Virtual Architecture (LLVA)
• Secure Virtual Architecture (SVA)
• (Kernel Control Flow Integrity (KCoFI)
• Virtual Ghost
• memory safety
• control flow integrity
• compromised operating systems

Abstract

Commodity operating systems are entrusted with providing security to the applications we use everyday, and yet they suffer from the same security vulnerabilities as user-space applications: they are susceptible to memory safety attacks such as buffer overflows, and they can be tricked into dynamically loading malicious code. Worse yet, commodity operating system kernels are highly privileged; exploitation of the kernel results in compromise of all applications on the system. This work describes the Secure Virtual Architecture (SVA): a compiler-based virtual machine placed between the software stack and the hardware that can enforce strong security policies on commodity application and operating system kernel code. This work describes how SVA abstracts hardware/software interactions and program state manipulation so that compiler instrumentation can be used to control these operations, and it shows how SVA can be used to protect both the operating system kernel and applications from attack. Specifically, this work shows how SVA can protect operating system kernels from memory safety attacks; it also shows how SVA prevents a compromised operating system kernel from adversely affecting the execution of trusted applications by providing application memory that the operating system kernel cannot read and write and secure application control flow that the operating system cannot corrupt.

Graduation Semester

2014-08

Permalink

http://hdl.handle.net/2142/50547

Copyright and License Information

Copyright 2014 John T Criswell

Owning Collections