Abstract |
Security is essential in today’s computing systems. Nearly every aspect of modern life is
associated with computing devices. This trend is not expected to slow down in the near future, conversely, it is expected to continue expanding. Thus, it is important to ensure that
modern systems are secure against cyber-threats, especially considering that computing
devices are responsible even for life-critical tasks (e.g., medical devices, smart cars, etc.).
Security relies on checking various conditions during an application’s execution as well
as various computations on the application’s memory (e.g., hashing, cryptography, etc.). A
plethora of effective security mechanisms has been designed and implemented solely in
software. However, the additional security checks and operations are not cheap and cause
runtime performance overhead as well as increased power consumption. In an effort to
reduce the imposed overheads relaxed and lightweight s ecurity variations of these strategies have been proposed, but they often prove ineffective and easy to bypass with new,
more sophisticated exploitation techniques. Researchers and industry providers strive to
find the golden ratio between security and overall functionality of the system. This is not
an easy task and it has been long proven that effective strategies relying only on software,
often fail to achieve both of these goals. Modern CPUs introduce progressively more architectural extensions which aim to accelerate certain heavy operations. Thus, one could
argue that pushing parts of security mechanisms in the hardware domain is a promising
approach, in order to offer strong security guarantees with minimal runtime overhead.
In this dissertation, we explore the design of hardware assisted security mechanisms
in order to protect systems against common exploitation techniques. Our work can be divided in two categories of mechanisms. First, we utilize architectural extensions already
present in commodity off the self hardware, even if they were not originally designed for
security purposes. Second, we design and implement our own hardware extensions that
aim to enhance the performance of promising security strategies which were originally implemented solely in software. The techniques we explored prevent memory related vulnerabilities from escalating to successful exploitation of the system. In summary, we present
a lightweight main memory encryption mechanism that leverages widely available cryptographic accelerators and MMU components in order to prevent attackers with physical access from disclosing sensitive data. We then explore intra-process isolation through
leveraging hardware assisted user-level memory partition in order to preserve memory
safety in managed runtime environments when libraries written in non memory safe (or
type safe) languages are loaded. Furthermore, we design and implement cryptographically resistant architecturally assisted Instruction Set Randomization in to prevent Code
Injection and Code Reuse attacks. Finally, we design and implement a complete, policy
agnostic Control Flow Graph based Control Flow Integrity instruction set and we discuss
how we adapted our work in order to form the specification for CFI in RISC-V architecture.
The evaluation of our work and the tendency of CPU providers to include architectural
extensions for security verifies that our approach is promising for defending against the
ever-expanding threat landscape.
|