We present a micro-architecture based lightweight framework to enhance dependability and security of software against code reuse attack. Different from the prior hardware based approaches for mitigating code reuse attacks, our solution is based on software diversity and instruction level control flow randomization. Generally, software based instruction location randomization (ILR) using binary emulator as a mediation layer has been shown to be effective for thwarting code reuse attacks like return oriented programming (ROP). However, our in-depth studies show that straightforward and naive implementation of ILR at the micro-architecture level will incur major performance deficiencies in terms of instruction fetch and cache utilization. For example, straightforward implementation of ILR increases the first level instruction cache miss rates on average by more than 9 times for a set of SPEC CPU2006 benchmarks. To address these issues, we present a novel micro-architecture design that can support native execution of control flow randomized software binary while at the same time preserve the performance of instruction fetch and efficient use of on-chip caches. The proposed design is evaluated by extending cycle based x86 architecture simulator, XIOSim with validated power simulation. Performance evaluation on SPEC CPU2006 benchmarks shows an average speedup of 1.63 times compared to the hardware implementation of ILR. Using the proposed approach, direct execution of ILR software incurs only 2.1% IPC performance slowdown with a very small hardware overhead.
|Title of host publication||Proceedings - 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015|
|Publisher||IEEE Computer Society|
|Number of pages||12|
|Publication status||Published - 2015 Sep 14|
|Event||45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015 - Rio de Janeiro, Brazil|
Duration: 2015 Jun 22 → 2015 Jun 25
|Name||Proceedings of the International Conference on Dependable Systems and Networks|
|Other||45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015|
|City||Rio de Janeiro|
|Period||15/6/22 → 15/6/25|
Bibliographical notePublisher Copyright:
© 2015 IEEE.
All Science Journal Classification (ASJC) codes
- Hardware and Architecture
- Computer Networks and Communications