Prospect of fine grain dynamic memory access control with profiling

Dongkyun Ahn, Kyung Ho Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Attacks often exploit vulnerabilities in memory to compromise a system or get classified information. In spite of extensive research, attackers are still able to find security holes. In order to address the attacks exploiting vulnerabilities in memory, we propose fine grain dynamic memory access control with profiling. This technique builds profile data for memory accesses with training, and this data is referenced later to check if an access is an allowed legitimate one. To facilitate the fine grain memory access control at a reasonable overhead, instructions and memory words form access group to represent allowed accesses: within one access group, one instruction is accessing at least two memory words or one memory word is accessed by at least two instructions. One access group is assigned with its unique color, and this color is referenced to verify legitimacy of a memory access. In order to handle memory accesses to run-time generated object, we suggest an efficient addressing methods and identifier for associating group information with the object in profiling procedure. To verify its feasibility in statistical point of view, we have implemented our idea in Bochs simulator and results show that memory access control with profiling data can be reliable.

Original languageEnglish
Title of host publicationProceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
Pages69-74
Number of pages6
DOIs
Publication statusPublished - 2010 Dec 1
Event4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 - Venice, Italy
Duration: 2010 Jul 182010 Jul 25

Other

Other4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
CountryItaly
CityVenice
Period10/7/1810/7/25

Fingerprint

Access control
Data storage equipment
Color
Simulators

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems

Cite this

Ahn, D., & Lee, K. H. (2010). Prospect of fine grain dynamic memory access control with profiling. In Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 (pp. 69-74). [5633647] https://doi.org/10.1109/SECURWARE.2010.19

Prospect of fine grain dynamic memory access control with profiling. / Ahn, Dongkyun; Lee, Kyung Ho.

Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. p. 69-74 5633647.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Ahn, D & Lee, KH 2010, Prospect of fine grain dynamic memory access control with profiling. in Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010., 5633647, pp. 69-74, 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010, Venice, Italy, 10/7/18. https://doi.org/10.1109/SECURWARE.2010.19
Ahn D, Lee KH. Prospect of fine grain dynamic memory access control with profiling. In Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. p. 69-74. 5633647 https://doi.org/10.1109/SECURWARE.2010.19
Ahn, Dongkyun ; Lee, Kyung Ho. / Prospect of fine grain dynamic memory access control with profiling. Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. pp. 69-74
@inproceedings{bd441fd4ddf04e15b6aab4ca365e0197,
title = "Prospect of fine grain dynamic memory access control with profiling",
abstract = "Attacks often exploit vulnerabilities in memory to compromise a system or get classified information. In spite of extensive research, attackers are still able to find security holes. In order to address the attacks exploiting vulnerabilities in memory, we propose fine grain dynamic memory access control with profiling. This technique builds profile data for memory accesses with training, and this data is referenced later to check if an access is an allowed legitimate one. To facilitate the fine grain memory access control at a reasonable overhead, instructions and memory words form access group to represent allowed accesses: within one access group, one instruction is accessing at least two memory words or one memory word is accessed by at least two instructions. One access group is assigned with its unique color, and this color is referenced to verify legitimacy of a memory access. In order to handle memory accesses to run-time generated object, we suggest an efficient addressing methods and identifier for associating group information with the object in profiling procedure. To verify its feasibility in statistical point of view, we have implemented our idea in Bochs simulator and results show that memory access control with profiling data can be reliable.",
author = "Dongkyun Ahn and Lee, {Kyung Ho}",
year = "2010",
month = "12",
day = "1",
doi = "10.1109/SECURWARE.2010.19",
language = "English",
isbn = "9780769540955",
pages = "69--74",
booktitle = "Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010",

}

TY - GEN

T1 - Prospect of fine grain dynamic memory access control with profiling

AU - Ahn, Dongkyun

AU - Lee, Kyung Ho

PY - 2010/12/1

Y1 - 2010/12/1

N2 - Attacks often exploit vulnerabilities in memory to compromise a system or get classified information. In spite of extensive research, attackers are still able to find security holes. In order to address the attacks exploiting vulnerabilities in memory, we propose fine grain dynamic memory access control with profiling. This technique builds profile data for memory accesses with training, and this data is referenced later to check if an access is an allowed legitimate one. To facilitate the fine grain memory access control at a reasonable overhead, instructions and memory words form access group to represent allowed accesses: within one access group, one instruction is accessing at least two memory words or one memory word is accessed by at least two instructions. One access group is assigned with its unique color, and this color is referenced to verify legitimacy of a memory access. In order to handle memory accesses to run-time generated object, we suggest an efficient addressing methods and identifier for associating group information with the object in profiling procedure. To verify its feasibility in statistical point of view, we have implemented our idea in Bochs simulator and results show that memory access control with profiling data can be reliable.

AB - Attacks often exploit vulnerabilities in memory to compromise a system or get classified information. In spite of extensive research, attackers are still able to find security holes. In order to address the attacks exploiting vulnerabilities in memory, we propose fine grain dynamic memory access control with profiling. This technique builds profile data for memory accesses with training, and this data is referenced later to check if an access is an allowed legitimate one. To facilitate the fine grain memory access control at a reasonable overhead, instructions and memory words form access group to represent allowed accesses: within one access group, one instruction is accessing at least two memory words or one memory word is accessed by at least two instructions. One access group is assigned with its unique color, and this color is referenced to verify legitimacy of a memory access. In order to handle memory accesses to run-time generated object, we suggest an efficient addressing methods and identifier for associating group information with the object in profiling procedure. To verify its feasibility in statistical point of view, we have implemented our idea in Bochs simulator and results show that memory access control with profiling data can be reliable.

UR - http://www.scopus.com/inward/record.url?scp=79952057720&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79952057720&partnerID=8YFLogxK

U2 - 10.1109/SECURWARE.2010.19

DO - 10.1109/SECURWARE.2010.19

M3 - Conference contribution

AN - SCOPUS:79952057720

SN - 9780769540955

SP - 69

EP - 74

BT - Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

ER -