Bock, Carsten ; Brasser, Ferdinand ; Gens, David ; Liebchen, Christopher ; Sadeghi, Ahmad-Reza (2019)
RIP-RH: Preventing Rowhammer-based Inter-Process Attacks.
ACM Asia Conference on Computer and Communications Security (AsiaCCS). Auckland (07.07.2019-12.07.2019)
doi: 10.1145/3321705.3329827
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Run-time attacks pose a continuous threat to the security of computer systems. These attacks aim at hijacking the operation of a computer program by subverting its execution at run time. While conventional run-time attacks usually require memory-corruption vulnerabilities in the program, hardware bugs represent an increasingly popular attack vector. Rowhammer represents a vulnerability in the design of DRAM modules that allows an adversary to modify memory locations in physical proximity to attacker-controlled memory on the module without accessing them. This is a serious threat to real-world systems, since DRAM is used as main memory on virtually all platforms. Recent research proposed defenses against rowhammer, such by patching the memory controller in hardware, or statically partitioning physical memory to protect the operating system kernel from a user space adversary. However, sharing DRAM memory securely between a number of different entities currently remains as an open problem. In this paper, we present RIP-RH, a DRAM-aware memory allocator that allows for dynamic management of multiple user-space processes. RIP-RH ensures that the memory partitions belonging to individual processes are physically isolated. In our detailed evaluation we demonstrate that our prototype implementation of RIP-RH incurs a modest run-time overhead of 3.17% for standard benchmarks and offers practical performance in a number of real-world scenarios.
Typ des Eintrags: | Konferenzveröffentlichung |
---|---|
Erschienen: | 2019 |
Autor(en): | Bock, Carsten ; Brasser, Ferdinand ; Gens, David ; Liebchen, Christopher ; Sadeghi, Ahmad-Reza |
Art des Eintrags: | Bibliographie |
Titel: | RIP-RH: Preventing Rowhammer-based Inter-Process Attacks |
Sprache: | Englisch |
Publikationsjahr: | 7 Juli 2019 |
Ort: | Auckland |
Veranstaltungstitel: | ACM Asia Conference on Computer and Communications Security (AsiaCCS) |
Veranstaltungsort: | Auckland |
Veranstaltungsdatum: | 07.07.2019-12.07.2019 |
DOI: | 10.1145/3321705.3329827 |
Kurzbeschreibung (Abstract): | Run-time attacks pose a continuous threat to the security of computer systems. These attacks aim at hijacking the operation of a computer program by subverting its execution at run time. While conventional run-time attacks usually require memory-corruption vulnerabilities in the program, hardware bugs represent an increasingly popular attack vector. Rowhammer represents a vulnerability in the design of DRAM modules that allows an adversary to modify memory locations in physical proximity to attacker-controlled memory on the module without accessing them. This is a serious threat to real-world systems, since DRAM is used as main memory on virtually all platforms. Recent research proposed defenses against rowhammer, such by patching the memory controller in hardware, or statically partitioning physical memory to protect the operating system kernel from a user space adversary. However, sharing DRAM memory securely between a number of different entities currently remains as an open problem. In this paper, we present RIP-RH, a DRAM-aware memory allocator that allows for dynamic management of multiple user-space processes. RIP-RH ensures that the memory partitions belonging to individual processes are physically isolated. In our detailed evaluation we demonstrate that our prototype implementation of RIP-RH incurs a modest run-time overhead of 3.17% for standard benchmarks and offers practical performance in a number of real-world scenarios. |
Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) |
Hinterlegungsdatum: | 19 Jun 2019 11:20 |
Letzte Änderung: | 19 Jun 2019 11:20 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |