eCoSoC - Energy-Efficient Code Instrumentation to Secure Systems-on-a-Chip Devices

Goals

The goal of this project is to develop power efficient code instrumentation techniques that track the flow of information inside applications running on systems-on-a-chip devices. We will be tracking two types of information flow: the leakage of secret information, and the use of malicious data. If a program manipulates information that should not be disclosed to an adversary, we say that this information is secret. If a program uses information that could be crafted by an adversary, we say that this information is tainted. A program contains an information disclosure vulnerability if it allows an adversary to read secret information. A program contains a tainted flow vulnerability if it allows an adversary to pass malicious information to a sensitive operation.

Relevance

It is our intention to design, implement and evaluate dynamic instrumentation techniques that are economic from an energy standpoint. We are not aware of previous systematic attempts to develop instrumentation techniques that are energy aware. Previous work focuses, instead, on reducing execution run time, and memory consumption. However, it is not clear that faster run times or less memory consumption naturally lead to lower energy consumption.

Security threats

  • Buffer Overflows: A buffer, also called an array or vector, is a contiguous sequence of elements stored in memory. A buffer overflow consists in writing to a buffer a quantity of data large enough to go past the buffer’s upper bound; hence, overwriting other program or user data. By carefully crafting this attack, one can overwrite the return address in a function's activation record; thus, diverting execution to another code area.
  • Arithmetic Overflows: Computers use basically two kinds of numeric types in arithmetic: integers and floating point numbers. Both types suffer with imprecision. It is our intention to study forms of software attack that rely on the imprecision of computer arithmetic. We want to analyze two forms of attacks, in which a malicious user is able to force a program to produce imprecise results by carefully crafting input values.
  • Address Leaks: We say that a program contains an information leak if it may disclosure sensitive data to an adversary. In this project we are interested in preventing the leaking of address information. An address leak is a software vulnerability that allows an adversary to discover where a program is loaded in memory. Although seemingly harmless,this information gives the adversary the means to circumvent two widespread protection mechanisms: Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP).