자료유형 | 학위논문 |
---|---|
서명/저자사항 | Leveraging Processor Features for System Security. |
개인저자 | Aweke, Zelalem Birhanu. |
단체저자명 | University of Michigan. Computer Science & Engineering. |
발행사항 | [S.l.]: University of Michigan., 2019. |
발행사항 | Ann Arbor: ProQuest Dissertations & Theses, 2019. |
형태사항 | 114 p. |
기본자료 저록 | Dissertations Abstracts International 81-04B. Dissertation Abstract International |
ISBN | 9781687927620 |
학위논문주기 | Thesis (Ph.D.)--University of Michigan, 2019. |
일반주기 |
Source: Dissertations Abstracts International, Volume: 81-04, Section: B.
Advisor: Austin, Todd M. |
이용제한사항 | This item must not be sold to any third party vendors.This item must not be added to any third party search indexes. |
요약 | Errors in hardware and software lead to vulnerabilities that can be exploited by attackers. Proposed exploit mitigation techniques can be broadly categorized into two: software-only techniques and techniques that propose specialized hardware extensions. Software-only techniques can be implemented on existing hardware, but typically suffer from impractically high overheads. On the other hand, specialized hardware extensions, while improving performance, in practice require a long time to be incorporated into production hardware. In this dissertation, we propose adapting existing processor features to provide novel and low-overhead security solutions.In the first part of the dissertation, we show how modern hardware features can be used to provide efficient memory safety. One component of memory safety that has become important in recent years is temporal memory safety. Temporal memory safety techniques are used to detect memory errors such as use-after-free errors. This dissertation proposes a temporal memory safety technique that takes advantage of pointer authentication hardware to significantly reduce the memory and runtime overhead of traditional temporal safety techniques. Providing complete memory safety on resource constrained devices is expensive, therefore we propose software-based fault isolation (sandboxing) as an efficient alternative to constrain attackers' access to code and data in embedded systems. We show how we can use the memory protection unit (MPU) hardware available in many embedded devices along with a small trusted runtime to build a low-overhead sandboxing mechanism.In the second part of the dissertation, we show how hardware performance counters in modern processors can be used to detect rowhammer attacks. Our technique detects rowhammer attacks by monitoring for high locality memory accesses out of the last-level cache using hardware performance counters. The technique accurately detects rowhammer attacks with a low performance overhead and without requiring hardware modifications. |
일반주제명 | Computer engineering. |
언어 | 영어 |
바로가기 |
: 이 자료의 원문은 한국교육학술정보원에서 제공합니다. |