TY - GEN
T1 - SecretSafe
T2 - 41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017
AU - Wang, Xiaoguang
AU - Qi, Yong
AU - Zhang, Chi
AU - Qi, Saiyu
AU - Wang, Peijian
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/9/7
Y1 - 2017/9/7
N2 - Software memory disclosure attacks, such as buffer over-read, often work quietly and cause secret data leakage. The well-known OpenSSL Heartbleed vulnerability leaked millions of servers' private keys, which left most Internet services insecure at that time. Existing solutions are either hard to apply to large code bases (e.g., through formal verification [20] or symbolic execution [8] on program code), or too heavyweight (e.g., by involving hypervisor software [23], [24] or a modified operating system kernel [17]). In this paper, we propose SecretSafe, a lightweight and easy-to-use system which leverages the traditional x86 segmentation mechanism to isolate the application secrets from the remaining data. Software developers can prevent the secrets from being leaked by simply declaring the secret variables with the SECURE keyword. Our customized compiler automatically separates the secrets from the remaining non-secret data into an isolated memory segment. Any legitimate instructions that have to access the secrets are automatically instrumented to enable accesses to the isolated segment. We have implemented a SecretSafe prototype with the open source LLVM compiler framework. The evaluation shows that SecretSafe is both secure and efficient.
AB - Software memory disclosure attacks, such as buffer over-read, often work quietly and cause secret data leakage. The well-known OpenSSL Heartbleed vulnerability leaked millions of servers' private keys, which left most Internet services insecure at that time. Existing solutions are either hard to apply to large code bases (e.g., through formal verification [20] or symbolic execution [8] on program code), or too heavyweight (e.g., by involving hypervisor software [23], [24] or a modified operating system kernel [17]). In this paper, we propose SecretSafe, a lightweight and easy-to-use system which leverages the traditional x86 segmentation mechanism to isolate the application secrets from the remaining data. Software developers can prevent the secrets from being leaked by simply declaring the secret variables with the SECURE keyword. Our customized compiler automatically separates the secrets from the remaining non-secret data into an isolated memory segment. Any legitimate instructions that have to access the secrets are automatically instrumented to enable accesses to the isolated segment. We have implemented a SecretSafe prototype with the open source LLVM compiler framework. The evaluation shows that SecretSafe is both secure and efficient.
KW - Buffer over-read attack
KW - memory segmentation
KW - vulnerability elimination
UR - https://www.scopus.com/pages/publications/85031915747
U2 - 10.1109/COMPSAC.2017.206
DO - 10.1109/COMPSAC.2017.206
M3 - Conference contribution
AN - SCOPUS:85031915747
T3 - Proceedings - International Computer Software and Applications Conference
SP - 628
EP - 636
BT - Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017
A2 - Demartini, Claudio
A2 - Conte, Thomas
A2 - Nakamura, Motonori
A2 - Lung, Chung-Horng
A2 - Zhang, Zhiyong
A2 - Hasan, Kamrul
A2 - Reisman, Sorel
A2 - Liu, Ling
A2 - Claycomb, William
A2 - Takakura, Hiroki
A2 - Yang, Ji-Jiang
A2 - Tovar, Edmundo
A2 - Cimato, Stelvio
A2 - Ahamed, Sheikh Iqbal
A2 - Akiyama, Toyokazu
PB - IEEE Computer Society
Y2 - 4 July 2017 through 8 July 2017
ER -