Spectre: A Dependable Introspec on Framework via System Management Mode Fengwei Zhang, Kevin Leach, Kun Sun, and Angelos Stavrou. In DSN'13.
Presented by Fengwei Zhang
Wayne State University CSC 6991 Topics in Computer Security 1 Agenda
• Introduc on • Background • System Framework • Experimental Results • Conclusion
Wayne State University CSC 6991 Topics in Computer Security 2 Agenda
• Introduc on • Background • System Framework • Experimental Results • Conclusion
Wayne State University CSC 6991 Topics in Computer Security 3 Introduc on
• Malware detec on and analysis remain an open research problem • Tradi onally, malware detec on is provided by ︎ installing an -malware tools (e.g., an -virus) within the OS • However, these detec on tools are vulnerable to ︎ malware running at the same level (e.g., rootkits) • ’Out-of-box’ introspec on mechanism proposed ︎ for malware detec on and analysis (e.g., Virtual machine introspec on)
Wayne State University CSC 6991 Topics in Computer Security 4 Introduc on
• Virtual Machine Intropsec on (VMI) systems run malware within a VM and use analysis tool to introspect the malware from outside • VMI systems have been widely adopted for malware detec on and ︎ analysis. They isolate the malware detec on so ware from a vulnerable guest [4, 5, 6] • Limita ons of VMI systems: – Large Trusted Compu ng Base (TCB) (e.g., Xen 4.2 has 208K lines of code) – Armored malware can detect the presence of a VM and alter its own execu on (e.g., an -VM techniques) – High performance overhead • We present Spectre, a dependable introspec on framework via system management mode
Wayne State University CSC 6991 Topics in Computer Security 5 Agenda
• Introduc on • Background • System Framework • Experimental Results • Conclusion
Wayne State University CSC 6991 Topics in Computer Security 6 Background
System Management Mode (SMM) • A CPU mode on the x86 Architecture. • A er entering into SMM, it executes the System Management Interrupt (SMI) handler • SMI handler stores at a sealed storage called System Management RAM (SMRAM) • BIOS locks the SMRAM, and the SMRAM is inaccessible from any other CPU modes • SMM-based systems – Integrity checking: HyperGuard [7], HyperCheck [8], – HyperSentry [1] – SMM rootkits [3, 2] – A acks against SMM [9]
Wayne State University CSC 6991 Topics in Computer Security 7 Background
Basic Input and Output System (BIOS) and Coreboot • BIOS code is stored on-vola le ROM, and it is responsible for hardware ini aliza on before OS starts. • Coreboot is an open source project aimed to replace the BIOS in current computer • Spectre uses a custom SMI handler in Coreboot
Wayne State University CSC 6991 Topics in Computer Security 8 Agenda
• Introduc on • Background • System Framework • Experimental Results • Conclusion
Wayne State University CSC 6991 Topics in Computer Security 9 System Framework
Target Machine
SPECTRE system regularly introspects native memory on target machine Monitor Machine
Check kernel data Rebuild Check kernel code Enter Report alerts SMM semantic data Check program data ‘heartbeat’ attack occured? optional custom module ... select module
Wayne State University CSC 6991 Topics in Computer Security 10 System Framework
• Step 1: Periodic triggering of SMM
Target Machine
SPECTRE system regularly introspects native memory on target machine Monitor Machine
Enter SMM
Wayne State University CSC 6991 Topics in Computer Security 11 System Framework
• Step 1: Periodic triggering of SMM • Step 2: Rebuilding seman c informa on
Target Machine
SPECTRE system regularly introspects native memory on target machine Monitor Machine
Enter Rebuild SMM semantic data
Wayne State University CSC 6991 Topics in Computer Security 12 System Framework
• Step 1: Periodic triggering of SMM • Step 2: Rebuilding seman c informa on • Step 3: Running a detec on module
Target Machine
SPECTRE system regularly introspects native memory on target machine Monitor Machine
Check kernel data Enter Rebuild Check kernel code SMM semantic data Check program data optional custom module ... select module
Wayne State University CSC 6991 Topics in Computer Security 13 System Framework
• Step 1: Periodic triggering of SMM • Step 2: Rebuilding seman c informa on • Step 3: Running a detec on module • Step 4: Communica on with monitor server Target Machine
SPECTRE system regularly introspects native memory on target machine Monitor Machine
Check kernel data Rebuild Check kernel code Enter Report alerts SMM semantic data Check program data ‘heartbeat’ attack occured? optional custom module ... select module
Wayne State University CSC 6991 Topics in Computer Security 14 Step 1: Periodic Triggering of SMM
• Two ways to trigger an SMI – So ware-based: write to an ACPI port specified by chipsets – Hardware-based: NIC card, keyboard, mouse, and hardware mer • Hardware-based method is more reliable than so ware-based method, so we use a hardware mer at southbridge to periodically assert an SMI
Wayne State University CSC 6991 Topics in Computer Security 15 Step 2: Rebuilding Seman c Informa on
• SMM only sees the raw memory, and does not know the seman cs of the memory (e.g. OS data structures) • Similar to the seman c gap problem in VMI systems • We manually bridge the seman c gap in our prototype, automa cally bridging (e.g., Virtuoso [6], VMST [4])
PsActiveProcessHead Executive Process Heap List Segment
Static VA of KPCR Segment S0 prev Heap H0 +78h Metadata... 0xffdff000 Heap H1 KPCR KdVersionBlock FirstEntry +34h next Heap H2 LastEntry PEB Heap H3 Entry E1 Executive Process Executive Process Executive Process Heap H4 e.g., “lsass.exe” e.g., “explorer.exe” e.g., “System” ... Data... Heap Hn Other Entry E2 prev prev prev Executive next next next Data... Processes Heap H0 Metadata Entry E3
... Segment S0 Entry ... Heap List Segment S1 Segment S Data... Other heap 2 ...... Handle Table 3 Handle Table 2 Handle Table 1 Entry En tables Segment Sn
Process Environment Block Heap
Wayne State University CSC 6991 Topics in Computer Security 16 Seman c Gap Problem in VMI
• SoK: Introspec ons on Trust and the Seman c Gap. Bhushan Jain, Mirza Basim Baig, Dongli Zhang, Donald E. Porter, and Radu Sion. In S&P'14.
• SMM-based Systems, TrustZone-based Systems, SGX, other hardware isolated execu on environments (HIEEs)
Wayne State University CSC 6991 Topics in Computer Security 17 Step 3: Running a Detec on Module
• We demonstrate the capability of our framework with three memory-based a acks: – Detec ng heap spray a acks – Detec ng heap overflow a acks – Detec ng rootkits • Other checking modules can be extended into Spectre with corresponding detec on algorithm
Wayne State University CSC 6991 Topics in Computer Security 18 Step 4: Communica on with Monitor Machine
• The SMI handler alerts the monitor machine over a serial or Ethernet cable • We port the NIC driver into SMI handler because we do want to trust any code in the OS • ‘Heartbeat’ message can be used to detect denial of service a ack • Exit from SMM and resume OS states
Wayne State University CSC 6991 Topics in Computer Security 19 Agenda
• Introduc on • Background • System Framework • Experimental Results • Conclusion
Wayne State University CSC 6991 Topics in Computer Security 20 Prototype Specifica on
• Hardware ︎ – Motherboard: ASUS-M2V MX SE – CPU: 2.2GHz AMD Sempron LE-1250 – RAM: 2GB Kingston DDR2 – NICs: Integrated NIC and Intel e1000 Gigabit with PCI • So ware ︎ – BIOS: Coreboot+SeaBIOS – OSes: Linux (Cent OS 5.5) and Windows XP SP3
Wayne State University CSC 6991 Topics in Computer Security 21 Memory A acks Detec on
• Run various memory a acks, and measure the detec on me in the SMM • Detec on me = Time at SMM exit - Time at SMM enter
Wayne State University CSC 6991 Topics in Computer Security 22 System Overhead
• Spectre is OS-agnos c, and can detect memory a acks on both Windows and Linux pla orms. • Benchmark: PassMark on Windows and UnixBench on Linux • First, we run different detec on modules, and record their benchmark scores
– Without detec on module – Heap spray detec on module – Heap Overflow detec on module – Rootkits detec on module • Second, we change the SMI triggering rate, and it ranges from 1/16 s to 5s
Wayne State University CSC 6991 Topics in Computer Security 23 System Overhead
• X-coordinate: Sampling interval ︎ • Y-coordinate: Percent overhead
Windows Linux
Without detection module 20% Without detection module Heap spray module Heap spray detection module 20% Heap overflow module 15% Rootkit detection module Rootkit module 10% 10% Percent overhead Percent overhead 5%
0% 0% 5s 2s 1s 1 s 1 s 5s 2s 1s 1 1 2 16 2 s 16 s Sampling interval / s Sampling interval / s
Wayne State University CSC 6991 Topics in Computer Security 24 Comparison with VMI Systems
• Smaller code base–Spectre only trust the BIOS, but VMI systems need to trust hypervisor • More transparent–armored malware with an -VM techniques cannot detect it • Be er Performance
Wayne State University CSC 6991 Topics in Computer Security 25 Agenda
• Introduc on • Background • System Framework • Experimental Results • Conclusion
Wayne State University CSC 6991 Topics in Computer Security 26 Conclusion
• We introduce a hardware-assisted framework ︎ that can examine code across all layers of a running system • Spectre is OS-agnos c and fully transparent to higher level so ware • We have implemented a prototype of our framework in both Linux and Windows, and demonstrates that our system can detect various memory a acks including heap spray, heap overflow and rootkits.
Wayne State University CSC 6991 Topics in Computer Security 27 References
Wayne State University CSC 6991 Topics in Computer Security 28