DOCSLIB.ORG

Cosmix: a Compiler-Based System for Secure Memory Instrumentation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cosmix: a Compiler-Based System for Secure Memory Instrumentation CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves Meni Orenbach, Technion; Yan Michalevsky, Anjuna Security; Christof Fetzer, TU Dresden; Mark Silberstein, Technion https://www.usenix.org/conference/atc19/presentation/orenbach This paper is included in the Proceedings of the 2019 USENIX Annual Technical Conference. July 10–12, 2019 • Renton, WA, USA ISBN 978-1-939133-03-8 Open access to the Proceedings of the 2019 USENIX Annual Technical Conference is sponsored by USENIX. CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves Meni Orenbach Yan Michalevsky Christof Fetzer Mark Silberstein Technion Anjuna Security TU Dresden Technion Abstract compression [44], disaggregation [39, 75], distributed shared memory [36, 46] and heterogeneous memory support [37]. Hardware secure enclaves are increasingly used to run com- With the emergence of Software Guard Extensions (SGX) plex applications. Unfortunately, existing and emerging en- for Trusted Execution in Intel CPUs [16, 55], applications clave architectures do not allow secure and efficient implemen- are increasingly ported to be entirely executed in hardware- tation of custom page fault handlers. This limitation impedes enforced enclaves [58, 45, 23, 25]. The enclave hardware pro- in-enclave use of secure memory-mapped files and prevents tects them from attacks by a powerful privileged adversary, extensions of the application memory layer commonly used in such as a malicious OS or a hypervisor. A number of recent untrusted systems, such as transparent memory compression systems facilitate the porting to SGX by shielding unmodified or access to remote memory. applications in an enclave [21, 81, 18]. Unfortunately, these CoSMIX is a Compiler-based system for Secure Memory systems do not allow secure overriding of page fault handling Instrumentation and eXecution of applications in secure en- in enclave applications. This drawback complicates porting a claves. A novel memory store abstraction allows implementa- large class of applications that use memory-mapped files to tion of application-level secure page fault handlers that are SGX. Further, it prevents SGX applications from using secu- invoked by a lightweight enclave runtime. The CoSMIX com- rity and performance enhancements, such as efficient mem- piler instruments the application memory accesses to use one ory paging [61] and Oblivious RAM (ORAM) side-channel or more memory stores, guided by a global instrumentation protection [67, 11, 88] without intrusive application modifi- policy or code annotations without changing application code. cations. Our goal is to eliminate these constraints. The CoSMIX prototype runs on Intel SGX and is com- For example, consider the task of running an SQLite patible with popular SGX execution environments, including database that uses memory-mapped files in the enclave. The SCONE and Graphene. Our evaluation of several production database file must be encrypted to ensure data confidentiality. applications shows how CoSMIX improves their security and Enabling in-enclave execution of SQLite therefore requires performance by recompiling them with appropriate memory support for encrypted memory-mapped files, which in turn stores. For example, unmodified Redis and Memcached key- implies that the page fault handler must be executed securely value stores achieve about 2× speedup by using a self-paging as well. Unfortunately, hardware enclaves available today memory store while working on datasets up to 6× larger do not support secure page faults. Instead, existing solutions than the enclave’s secure memory. Similarly, annotating a use workarounds, such as eagerly reading and decrypting the single line of code in a biometric verification server changes whole mapped file region into trusted enclave memory [18]. it to store its sensitive data in Oblivious RAM and makes it This solution does not scale to large files and lacks the perfor- resilient against SGX side-channel attacks. mance benefits of on-demand data access. We argue that the problem is rooted in the fundamental lim- 1 Introduction itation of SGX architecture, which does not provide the mech- anism to define secure page fault handlers. The upcoming Virtual Memory is integral to modern processor architectures. SGX-V2 [54, 86, 43] will not solve this problem either. More- In addition to its primary role in physical memory manage- over, we observe that existing and emerging secure enclave ment, it empowers developers to extend the standard mem- architectures [28,4, 34] suffer from similar limitations(§2). ory layer with custom data storage mechanisms in software. In this work, we build CoSMIX, a compiler and a For example, the memory-mapped file abstraction, which is lightweight enclave runtime that overcomes the SGX architec- broadly used, e.g., in databases [10, 5], relies on the OS’s tural limitations and enables secure and efficient extensions page fault handler to map a frame and populate it with the con- to the memory layer of unmodified applications running in tents of a file. Replacing accesses to physical memory with enclaves. We introduce a memory store, (mstore), a program- file accesses requires no application code changes. Therefore, ming abstraction for implementing custom memory manage- the ability to override page fault behavior has been essential ment extensions for enclaves. The CoSMIX compiler auto- for implementing a range of system services, such as memory matically instruments application code to allocate the selected USENIX Association 2019 USENIX Annual Technical Conference 555 variables and memory buffers in the mstore, replacing the ac- well as on unmodified production servers: memcached, Redis, cesses to enclave memory with the accesses to the mstore. SQLite, and a biometric verification server [61]. The compiler The mstore logic runs in the enclave as part of the application. is able to correctly instrument all of these applications, some The CoSMIX runtime securely invokes the mstore memory with hundreds of thousands of lines of code (LOC), without management callbacks, which include custom page fault han- the need to manually change the application code. dlers. The page faults are semantically equivalent to hardware Our microbenchmarks using Phoenix with SUVM and se- page faults yet are triggered by the CoSMIX runtime. cure mmap mstores show that CoSMIX instrumentation results An mstore can implement the missing functionalities that in a low geometric mean overhead of 20%. require secure page fault handlers. For example, it may pro- For the end-to-end evaluation, we run memcached and Re- vide the secure mmap functionality by implementing the page dis key value stores on 600 MB datasets – each about 6× fault handler that accesses the file and decrypts it into the the size of the secure physical memory available to SGX en- application buffer. A more advanced mstore may add its own claves. In this setting, SGX hardware paging significantly in-memory cache analogous to an OS page cache, to avoid affects the performance. The SUVM [61] mstore aims to opti- costly accesses to the underlying storage layer. CoSMIX sup- mize exactly this scenario. To use it, we only annotate the item ports several types of mstores, adjusting the runtime to handle allocator in memcached (a single line of code) and compile it different mstore behaviors while optimizing the performance. with CoSMIX. Redis is compiled without adding annotations. CoSMIX allows the use of multiple mstores in the same The instrumented versions of both servers achieve about 2× program. This can be used, for example, to leverage both speedup compared to their respective vanilla SGX baselines. secure mmap mstore and an ORAM mstore for side-channel In another experiment, we evaluate a biometric verification protection. Additionally, CoSMIX supports stacking of mul- server with a database storing 256 MB of sensitive data. We tiple mstores to enable their efficient composition and reuse. use the ORAM mstore to protect it from SGX controlled side- We design and prototype three sophisticated mstores in §3.2.5, channel attacks [87] that may leak sensitive database access and demonstrate the benefits of stacking in §4.5. statistics. We annotate the buffers containing this database CoSMIX’s design focuses on two primary goals: (1) mini- (one line of code) to use ORAM. The resulting ORAM- mizing the application modifications to use mstores and (2) enhanced application provides security guarantees similar reducing the instrumentation performance overheads. We in- to other ORAM systems for SGX, such as ZeroTrace [67], yet troduce the following mechanisms to achieve them: without modifying the application source code. ORAM sys- Automatic inference of pointer types. CoSMIX does not tems are known to result in dramatic performance penalties of require annotating every access to a pointer. Instead, it uses several orders of magnitude [26]. However, our hardened ap- inter-procedural pointer analysis [17] to determine the type of plication is only 5:8× slower than the vanilla SGX thanks to the mstore (or plain memory) to use for each pointer. When the benefits of selective instrumentation enabled by CoSMIX. the static analysis is inconclusive, CoSMIX uses tagged point- To summarize, our contributions are as follows: ers [47, 74, 13] with the mstore type encoded in the unused • Design of a compiler and an mstore abstraction for trans- Most Significant Bits, enabling runtime detection (§3.3.1). parent secure memory instrumentation
Load more

Recommended publications
  • An Event-Driven Embedded Operating System for Miniature Robots
    This is a repository copy of OpenSwarm: an event-driven embedded operating system for miniature robots. White Rose Research Online URL for this paper: http://eprints.whiterose.ac.uk/110437/ Version: Accepted Version Proceedings Paper: Trenkwalder, S.M., Lopes, Y.K., Kolling, A. et al. (3 more authors) (2016) OpenSwarm: an event-driven embedded operating system for miniature robots. In: Proceedings of IROS 2016. 2016 IEEE/RSJ International Conference on Intelligent Robots and Systems, 09-14 Oct 2016, Daejeon, Korea. IEEE . ISBN 978-1-5090-3762-9 https://doi.org/10.1109/IROS.2016.7759660 © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works. Reuse Items deposited in White Rose Research Online are protected by copyright, with all rights reserved unless indicated otherwise. They may be downloaded and/or printed for private study, or other acts as permitted by national copyright laws. The publisher or other rights holders may allow further reproduction and re-use of the full text version. This is indicated by the licence information on the White Rose Research Online record for the item. Takedown If you consider content in White Rose Research Online to be in breach of UK law, please notify us by emailing [email protected] including the URL of the record and the reason for the withdrawal request.
    [Show full text]
  • Memory Deduplication: An
    1 Memory Deduplication: An Effective Approach to Improve the Memory System Yuhui Deng1,2, Xinyu Huang1, Liangshan Song1, Yongtao Zhou1, Frank Wang3 1Department of Computer Science, Jinan University, Guangzhou, 510632, P. R. China {[email protected][email protected][email protected][email protected]} 2Key Laboratory of Computer System and Architecture, Chinese Academy of Sciences Beijing, 100190, PR China 3 School of Computing,University of Kent, CT27NF, UK [email protected] Abstract— Programs now have more aggressive demands of memory to hold their data than before. This paper analyzes the characteristics of memory data by using seven real memory traces. It observes that there are a large volume of memory pages with identical contents contained in the traces. Furthermore, the unique memory content accessed are much less than the unique memory address accessed. This is incurred by the traditional address-based cache replacement algorithms that replace memory pages by checking the addresses rather than the contents of those pages, thus resulting in many identical memory contents with different addresses stored in the memory. For example, in the same file system, opening two identical files stored in different directories, or opening two similar files that share a certain amount of contents in the same directory, will result in identical data blocks stored in the cache due to the traditional address-based cache replacement algorithms. Based on the observations, this paper evaluates memory compression and memory deduplication. As expected, memory deduplication greatly outperforms memory compression. For example, the best deduplication ratio is 4.6 times higher than the best compression ratio.
    [Show full text]
  • What Are the Problems with Embedded Linux?
    What Are the Problems with Embedded Linux? Every Operating System Has Benefits and Drawbacks Linux is ubiquitous. It runs most internet servers, is inside Android* smartphones, and is used on millions of embedded systems that, in the past, ran Real-Time Operating Systems (RTOSes). Linux can (and should) be used were possible for embedded projects, but while it gives you extreme choice, it also presents the risk of extreme complexity. What, then, are the trade-offs between embedded Linux and an RTOS? In this article, we cover some key considerations when evaluating Linux for a new development: ■ Design your system architecture first ■ What is Linux? ■ Linux vs. RTOSes ■ Free software is about liberty—not price ■ How much does Embedded Linux cost? ■ Why pay for Embedded Linux? ■ Should you buy Embedded Linux or roll-your-own (RYO)? ■ To fork or not to fork? ■ Software patching ■ Open source licensing ■ Making an informed decision The important thing is not whether Linux or an RTOS is “the best,” but whether either operating system—or both together—makes the most technical and financial sense for your project. We hope this article helps you make an informed decision. Design Your System Architecture First It is important to design your system architecture first—before choosing either Linux or an RTOS—because both choices can limit architectural freedom. You may discover that aspects of your design require neither Linux nor an RTOS, making your design a strong candidate for a heterogeneous approach that includes one or more bare-metal environments (with possibly a Linux and/or RTOS environment as well).
    [Show full text]
  • Co-Optimizing Performance and Memory Footprint Via Integrated CPU/GPU Memory Management, an Implementation on Autonomous Driving Platform
    2020 IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS) Co-Optimizing Performance and Memory Footprint Via Integrated CPU/GPU Memory Management, an Implementation on Autonomous Driving Platform Soroush Bateni*, Zhendong Wang*, Yuankun Zhu, Yang Hu, and Cong Liu The University of Texas at Dallas Abstract—Cutting-edge embedded system applications, such as launches the OpenVINO toolkit for the edge-based deep self-driving cars and unmanned drone software, are reliant on learning inference on its integrated HD GPUs [4]. integrated CPU/GPU platforms for their DNNs-driven workload, Despite the advantages in SWaP features presented by the such as perception and other highly parallel components. In this work, we set out to explore the hidden performance im- integrated CPU/GPU architecture, our community still lacks plication of GPU memory management methods of integrated an in-depth understanding of the architectural and system CPU/GPU architecture. Through a series of experiments on behaviors of integrated GPU when emerging autonomous and micro-benchmarks and real-world workloads, we find that the edge intelligence workloads are executed, particularly in multi- performance under different memory management methods may tasking fashion. Specifically, in this paper we set out to explore vary according to application characteristics. Based on this observation, we develop a performance model that can predict the performance implications exposed by various GPU memory system overhead for each memory management method based management (MM) methods of the integrated CPU/GPU on application characteristics. Guided by the performance model, architecture. The reason we focus on the performance impacts we further propose a runtime scheduler.
    [Show full text]
  • Red Hat Enterprise Linux 6 Developer Guide
    Red Hat Enterprise Linux 6 Developer Guide An introduction to application development tools in Red Hat Enterprise Linux 6 Dave Brolley William Cohen Roland Grunberg Aldy Hernandez Karsten Hopp Jakub Jelinek Developer Guide Jeff Johnston Benjamin Kosnik Aleksander Kurtakov Chris Moller Phil Muldoon Andrew Overholt Charley Wang Kent Sebastian Red Hat Enterprise Linux 6 Developer Guide An introduction to application development tools in Red Hat Enterprise Linux 6 Edition 0 Author Dave Brolley [email protected] Author William Cohen [email protected] Author Roland Grunberg [email protected] Author Aldy Hernandez [email protected] Author Karsten Hopp [email protected] Author Jakub Jelinek [email protected] Author Jeff Johnston [email protected] Author Benjamin Kosnik [email protected] Author Aleksander Kurtakov [email protected] Author Chris Moller [email protected] Author Phil Muldoon [email protected] Author Andrew Overholt [email protected] Author Charley Wang [email protected] Author Kent Sebastian [email protected] Editor Don Domingo [email protected] Editor Jacquelynn East [email protected] Copyright © 2010 Red Hat, Inc. and others. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
    [Show full text]
  • Atmospheric Modelling and HPC
    Atmospheric Modelling and HPC Graziano Giuliani ICTP – ESP Trieste, 1 October 2015 NWP and Climate Codes ● Legacy code from the '60 : FORTRAN language ● Path and Dynamic Libraries ● Communication Libraries ● I/O format Libraries ● Data analysis tools and the data deluge http://clima-dods.ictp.it/Workshops/smr2761 Materials ● This presentation: – atmospheric_models_and_hpc.pdf ● Codes: – codes.tar.gz ● Download both, uncompress codes: – cp codes.tar.gz /scratch – cd /scratch – tar zxvf codes.tar.gz Legacy code ● Numerical Weather Prediction uses mathematical models of the atmosphere and oceans to predict the weather based on current weather conditions. ● MOST of the NWP and climate codes can push their roots back in the 1960-1970 ● The NWP problem was one of the target problem which led to the Computer Era: the ENIAC was used to create the first weather forecasts via computer in 1950. ● Code grows by ACCRETION FORTRAN and FortranXX ● Fortran Programming Language is a general-purpose, imperative programming language that is especially suited to numeric computation and scientific computing. ● Originally developed by IBM in the 1950s for scientific and engineering applications ● Its standard is controlled by an ISO comitee: the most recent standard, ISO/IEC 1539-1:2010, informally known as Fortran 2008, was approved in September 2010. ● Needs a compiler to translate code into executable Fortran Compilers ● http://fortranwiki.org ● Most of the High Performance Compilers are Commercial, and “SuperComputer” vendors usually provide their HIGH OPTIMIZED version of Fortran Compiler. ● Some part of the Standard are left “COMPILER SPECIFIC”, opening for incompatibility among the binary formats produced by different compilers. The Fortran .mod files ● Fortran 90 introduced into the language the modules: module my_mod contains subroutine mysub(a,b) real , intent(in) :: a real , intent(out) :: b end subroutine mysub end module my_mod ● The compiler creates the object file and a .mod file compiling the above code.
    [Show full text]
  • Murciano Soto, Joan; Rexachs Del Rosario, Dolores Isabel, Dir
    This is the published version of the bachelor thesis: Murciano Soto, Joan; Rexachs del Rosario, Dolores Isabel, dir. Anàlisi de presta- cions de sistemes d’emmagatzematge per IA. 2021. (958 Enginyeria Informàtica) This version is available at https://ddd.uab.cat/record/248510 under the terms of the license TFG EN ENGINYERIA INFORMATICA,` ESCOLA D’ENGINYERIA (EE), UNIVERSITAT AUTONOMA` DE BARCELONA (UAB) Analisi` de prestacions de sistemes d’emmagatzematge per IA Joan Murciano Soto Resum– Els programes d’Intel·ligencia` Artificial (IA) son´ programes que fan moltes lectures de fitxers per la seva naturalesa. Aquestes lectures requereixen moltes crides a dispositius d’emmagatzematge, i aquestes poden comportar endarreriments en l’execucio´ del programa. L’ample de banda per transportar dades de disc a memoria` o viceversa pot esdevenir en un bottleneck, incrementant el temps d’execucio.´ De manera que es´ important saber detectar en aquest tipus de programes, si les entrades/sortides (E/S) del nostre sistema se saturen. En aquest treball s’estudien diferents programes amb altes quantitats de lectures a disc. S’utilitzen eines de monitoritzacio,´ les quals ens informen amb metriques` relacionades amb E/S a disc. Tambe´ veiem l’impacte que te´ el swap, el qual tambe´ provoca un increment d’operacions d’E/S. Aquest document preten´ mostrar la metodologia utilitzada per a realitzar l’analisi` descrivint les eines i els resultats obtinguts amb l’objectiu de que serveixi de guia per a entendre el comportament i l’efecte de les E/S i el swap. Paraules clau– E/S, swap, IA, monitoritzacio.´ Abstract– Artificial Intelligence (IA) programs make many file readings by nature.
    [Show full text]
  • Performance Study of Real-Time Operating Systems for Internet Of
    IET Software Research Article ISSN 1751-8806 Performance study of real-time operating Received on 11th April 2017 Revised 13th December 2017 systems for internet of things devices Accepted on 13th January 2018 E-First on 16th February 2018 doi: 10.1049/iet-sen.2017.0048 www.ietdl.org Rafael Raymundo Belleza1 , Edison Pignaton de Freitas1 1Institute of Informatics, Federal University of Rio Grande do Sul, Av. Bento Gonçalves, 9500, CP 15064, Porto Alegre CEP: 91501-970, Brazil E-mail: [email protected] Abstract: The development of constrained devices for the internet of things (IoT) presents lots of challenges to software developers who build applications on top of these devices. Many applications in this domain have severe non-functional requirements related to timing properties, which are important concerns that have to be handled. By using real-time operating systems (RTOSs), developers have greater productivity, as they provide native support for real-time properties handling. Some of the key points in the software development for IoT in these constrained devices, like task synchronisation and network communications, are already solved by this provided real-time support. However, different RTOSs offer different degrees of support to the different demanded real-time properties. Observing this aspect, this study presents a set of benchmark tests on the selected open source and proprietary RTOSs focused on the IoT. The benchmark results show that there is no clear winner, as each RTOS performs well at least on some criteria, but general conclusions can be drawn on the suitability of each of them according to their performance evaluation in the obtained results.
    [Show full text]
  • CCPP Technical Documentation Release V3.0.0
    CCPP Technical Documentation Release v3.0.0 J. Schramm, L. Bernardet, L. Carson, G. Firl, D. Heinzeller, L. Pan, and M. Zhang Jun 17, 2019 For referencing this document please use: Schramm, J., L. Bernardet, L. Carson, G. Firl, D. Heinzeller, L. Pan, and M. Zhang, 2019. CCPP Technical Documentation Release v3.0.0. 91pp. Available at https://dtcenter.org/GMTB/v3.0/ccpp_tech_guide.pdf. CONTENTS 1 CCPP Overview 1 1.1 How to Use this Document........................................4 2 CCPP-Compliant Physics Parameterizations7 2.1 General Rules..............................................8 2.2 Input/output Variable (argument) Rules.................................9 2.3 Coding Rules............................................... 10 2.4 Parallel Programming Rules....................................... 11 2.5 Scientific Documentation Rules..................................... 12 2.5.1 Doxygen Comments and Commands.............................. 12 2.5.2 Doxygen Documentation Style................................. 13 2.5.3 Doxygen Configuration..................................... 18 2.5.4 Using Doxygen......................................... 20 3 CCPP Configuration and Build Options 23 4 Constructing Suites 27 4.1 Suite Definition File........................................... 27 4.1.1 Groups............................................. 27 4.1.2 Subcycling........................................... 27 4.1.3 Order of Schemes........................................ 28 4.2 Interstitial Schemes........................................... 28 4.3 SDF Examples.............................................
    [Show full text]
  • Strict Memory Protection for Microcontrollers
    Master Thesis Spring 2019 Strict Memory Protection for Microcontrollers Erlend Sveen Supervisor: Jingyue Li Co-supervisor: Magnus Själander Sunday 17th February, 2019 Abstract Modern desktop systems protect processes from each other with memory protection. Microcontroller systems, which lack support for memory virtualization, typically only uses memory protection for areas that the programmer deems necessary and does not separate processes completely. As a result the application still appears monolithic and only a handful of errors may be detected. This thesis presents a set of solutions for complete separation of processes, unleash- ing the full potential of the memory protection unit embedded in modern ARM-based microcontrollers. The operating system loads multiple programs from disk into indepen- dently protected portions of memory. These programs may then be started, stopped, modified, crashed etc. without affecting other running programs. When loading pro- grams, a new allocation algorithm is used that automatically aligns the memories for use with the protection hardware. A pager is written to satisfy additional run-time demands of applications, and communication primitives for inter-process communication is made available. Since every running process is unable to get access to other running processes, not only reliability but also security is improved. An application may be split so that unsafe or error-prone code is separated from mission-critical code, allowing it to be independently restarted when an error occurs. With executable and writeable memory access rights being mutually exclusive, code injection is made harder to perform. The solution is all transparent to the programmer. All that is required is to split an application into sub-programs that operates largely independently.
    [Show full text]
  • Our Tas Top 11 Technologies of the Decade Tinyos and Nesc Hardware Evolu On
    Our TAs Top 11 Technologies of the Decade Mo Sha Yong Fu 1.! Smartphones 7.! Drone Aircra • [email protected]" •! [email protected]" •! TinyOS tutorial." •! Grade critiques." 2.! Social Networking 8.! Planetary Rovers •! Help students with projects." •! Office Hour: by appointment." 3.! Voice over IP 9.! Flexible AC •! Manage motes." •! Bryan 502D Transmission •! Grade projects." 4.! LED Lighng •! Office Hour: Tue/Thu 5:30-6." 5.! Mul@core CPUs 10.!Digital Photography •! Bryan 502A 6.! Cloud Compung 11.!Class-D Audio Chenyang Lu 1 Chenyang Lu 2 TinyOS and nesC Hardware Evoluon ! TinyOS: OS for wireless sensor networks. ! Miniature devices manufactured economically ! nesC: programming language for TinyOS. ! Microprocessors ! Sensors/actuators ! Wireless chips 4.5’’X2.4’’ 1’’X1’’ 1 mm2 1 nm2 Chenyang Lu 4 Chenyang Lu 3 Mica2 Mote Hardware Constraints ! Processor ! Microcontroller: 7.4 MHz, 8 bit Severe constraints on power, size, and cost ! Memory: 4KB data, 128 KB program ! slow microprocessor ! Radio ! low-bandwidth radio ! Max 38.4 Kbps ! limited memory ! Sensors ! limited hardware parallelism CPU hit by many interrupts! ! Light, temperature, acceleraon, acous@c, magne@c… ! manage sleep modes in hardware components ! Power ! <1 week on two AA baeries in ac@ve mode ! >1 year baery life on sleep modes! Chenyang Lu 5 Chenyang Lu 6 Soware Challenges Tradional OS ! Small memory footprint ! Mul@-threaded ! Efficiency - power and processing ! Preemp@ve scheduling ! Concurrency-intensive operaons ! Threads: ! Diversity in applicaons & plaorm efficient modularity ! ready to run; ! Support reconfigurable hardware and soJware executing ! execu@ng on the CPU; ! wai@ng for data. gets CPU preempted needs data gets data ready waiting needs data Chenyang Lu 7 Chenyang Lu 8 Pros and Cons of Tradional OS Example: Preempve Priority Scheduling ! Each process has a fixed priority (1 highest); ! Mul@-threaded + preemp@ve scheduling ! P1: priority 1; P2: priority 2; P3: priority 3.
    [Show full text]
  • Hiding Process Memory Via Anti-Forensic Techniques
    DIGITAL FORENSIC RESEARCH CONFERENCE Hiding Process Memory via Anti-Forensic Techniques By: Frank Block (Friedrich-Alexander Universität Erlangen-Nürnberg (FAU) and ERNW Research GmbH) and Ralph Palutke (Friedrich-Alexander Universität Erlangen-Nürnberg) From the proceedings of The Digital Forensic Research Conference DFRWS USA 2020 July 20 - 24, 2020 DFRWS is dedicated to the sharing of knowledge and ideas about digital forensics research. Ever since it organized the first open workshop devoted to digital forensics in 2001, DFRWS continues to bring academics and practitioners together in an informal environment. As a non-profit, volunteer organization, DFRWS sponsors technical working groups, annual conferences and challenges to help drive the direction of research and development. https://dfrws.org Forensic Science International: Digital Investigation 33 (2020) 301012 Contents lists available at ScienceDirect Forensic Science International: Digital Investigation journal homepage: www.elsevier.com/locate/fsidi DFRWS 2020 USA d Proceedings of the Twentieth Annual DFRWS USA Hiding Process Memory Via Anti-Forensic Techniques Ralph Palutke a, **, 1, Frank Block a, b, *, 1, Patrick Reichenberger a, Dominik Stripeika a a Friedrich-Alexander Universitat€ Erlangen-Nürnberg (FAU), Germany b ERNW Research GmbH, Heidelberg, Germany article info abstract Article history: Nowadays, security practitioners typically use memory acquisition or live forensics to detect and analyze sophisticated malware samples. Subsequently, malware authors began to incorporate anti-forensic techniques that subvert the analysis process by hiding malicious memory areas. Those techniques Keywords: typically modify characteristics, such as access permissions, or place malicious data near legitimate one, Memory subversion in order to prevent the memory from being identified by analysis tools while still remaining accessible.
    [Show full text]