DOI: 10.1145/3447852.3458714

dMVX: Secure and Efficient Multi-Variant Execution in a Distributed Setting

Published: 26 April 2021

Abstract

Multi-variant execution (MVX) systems amplify the effectiveness of software diversity techniques. The key idea is to run multiple diversified program variants in lockstep while providing them with the same input and monitoring their run-time behavior for divergences. Thus, adversaries have to compromise all program variants simultaneously to mount an attack successfully.
Recent work proposed distributed, heterogeneous MVX systems that leverage different ABIs and ISAs to increase the diversity between program variants further. However, existing distributed MVX system designs suffer from high performance overhead due to time-consuming network transactions required for the MVX operations.
This paper presents dMVX, a novel hybrid distributed MVX design, which incorporates new techniques that significantly reduce the overhead of MVX systems in a distributed setting. Our key insight is that we can intelligently reduce the MVX operations that use expensive network transfers. First, we can limit the monitoring of system calls that are not security-critical. Second, we observe that, in many circumstances, we can also safely avoid replication operations needed for I/O related system calls. Our evaluation shows that dMVX reduces the performance degradation from over 50% to 3.1% for realistic server benchmarks.
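
The following sketch is an added illustration, not code from the paper or from dMVX: a toy monitor that cross-checks per-variant system call traces, first on every call and then only on calls in a security-critical set, and counts the cross-variant comparisons each mode needs. The `Syscall` type, the `monitor` function, the contents of `SECURITY_CRITICAL` and the sample traces are all assumptions made for the example.

```python
from itertools import zip_longest
from typing import NamedTuple


class Syscall(NamedTuple):
    name: str
    args: tuple = ()


# Assumption: an illustrative split, not the classification dMVX uses.
SECURITY_CRITICAL = {"execve", "mprotect", "mmap", "open", "write", "sendto"}


def monitor(traces, selective):
    """Cross-check the variants' system call traces in lockstep.

    Returns (diverging_step_or_None, checks). Each check is one
    cross-variant comparison, i.e. a network exchange when the variants
    run on different machines.
    """
    if selective:
        # Calls outside the critical set run unmonitored in each variant.
        traces = [[c for c in t if c.name in SECURITY_CRITICAL] for t in traces]
    checks = 0
    for step in zip_longest(*traces):  # None marks a variant that stopped early
        checks += 1
        if any(call != step[0] for call in step[1:]):
            return step, checks
    return None, checks


# Constructed traces, not captured from a real server.
BENIGN = [
    Syscall("open", ("index.html",)), Syscall("read", (3,)),
    Syscall("gettimeofday"), Syscall("read", (3,)),
    Syscall("write", (4, "200 OK")), Syscall("close", (4,)),
]
# One variant's layout matched the payload, so only it reaches execve.
HIJACKED = BENIGN[:2] + [Syscall("execve", ("/bin/sh",))]

if __name__ == "__main__":
    for label, traces in (("benign", [BENIGN, BENIGN]),
                          ("attack", [HIJACKED, BENIGN])):
        for selective in (False, True):
            step, checks = monitor(traces, selective)
            verdict = "DIVERGENCE" if step is not None else "ok"
            print(f"{label:6} selective={selective!s:5} checks={checks} {verdict}")
```

On the benign traces the selective mode performs fewer comparisons than full lockstep, while the hijacked variant is still flagged in both modes because `execve` is in the monitored set.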


Published In

EuroSec '21: Proceedings of the 14th European Workshop on Systems Security
April 2021
62 pages
ISBN: 9781450383370
DOI: 10.1145/3447852

Publisher

Association for Computing Machinery

New York, NY, United States

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

EuroSys '21

Acceptance Rates

Overall Acceptance Rate 47 of 113 submissions, 42%

Cited By

  • (2024) sMVX: Multi-Variant Execution on Selected Code Paths. Proceedings of the 25th International Middleware Conference, 62-73. DOI: 10.1145/3652892.3654794. Online publication date: 2-Dec-2024
  • (2024) System Call Interposition Without Compromise. 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 183-194. DOI: 10.1109/DSN58291.2024.00030. Online publication date: 24-Jun-2024
  • (2022) Back to the future: N-Versioning of Microservices. 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 415-427. DOI: 10.1109/DSN53405.2022.00049. Online publication date: Jun-2022
  • (2021) Security-as-a-Service with Cyberspace Mimic Defense Technologies in Cloud. Data Science, 129-138. DOI: 10.1007/978-981-16-5943-0_11. Online publication date: 10-Sep-2021
