TY - JOUR
T1 - Software-driven security attacks
T2 - From vulnerability sources to durable hardware defenses
AU - Biernacki, Lauren
AU - Gallagher, Mark
AU - Xu, Zhixing
AU - Aga, Misiker Tadesse
AU - Harris, Austin
AU - Wei, Shijia
AU - Tiwari, Mohit
AU - Kasikci, Baris
AU - Malik, Sharad
AU - Austin, Todd
N1 - Funding Information:
This work was supported by DARPA under Contract No. HR0011-18-C-0019. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of DARPA. Authors’ addresses: L. Biernacki, M. Gallagher, M. T. Aga, B. Kasikci, and T. Austin, College of Engineering, University of Michigan, Ann Arbor, 2260 Hayward Street, MI 48109; emails: {lbiernac, markgall, misiker, barisk, austin}@umich.edu; Z. Xu and S. Malik, School of Engineering and Applied Science, Princeton University, 41 Olden St., Princeton, NJ 08544; emails: {zhixingx, sharad}@princeton.edu; A. Harris, S. Wei, and M. Tiwari, Cockrell School of Engineering, University of Texas at Austin, 301 E Dean Keeton St., Austin, TX 78705; emails: {austin.harris, shijiawei, tiwari}@austin.utexas.edu. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. © 2021 Association for Computing Machinery. 1550-4832/2021/07-ART42 $15.00 https://doi.org/10.1145/3456299
Publisher Copyright:
© 2021 Association for Computing Machinery.
PY - 2021/7
Y1 - 2021/7
N2 - There is an increasing body of work in the area of hardware defenses for software-driven security attacks. A significant challenge in developing these defenses is that the space of security vulnerabilities and exploits is large and not fully understood. This results in specific point defenses that aim to patch particular vulnerabilities. While these defenses are valuable, they are often blindsided by fresh attacks that exploit new vulnerabilities. This article aims to address this issue by suggesting ways to make future defenses more durable based on an organization of security vulnerabilities as they arise throughout the program life cycle. We classify these vulnerability sources through programming, compilation, and hardware realization, and we show how each source introduces unintended states and transitions into the implementation. Further, we show how security exploits gain control by moving the implementation to an unintended state using knowledge of these sources and how defenses work to prevent these transitions. This framework of analyzing vulnerability sources, exploits, and defenses provides insights into developing durable defenses that could defend against broader categories of exploits. We present illustrative case studies of four important attack genealogies - showing how they fit into the presented framework and how the sophistication of the exploits and defenses have evolved over time, providing us insights for the future.
AB - There is an increasing body of work in the area of hardware defenses for software-driven security attacks. A significant challenge in developing these defenses is that the space of security vulnerabilities and exploits is large and not fully understood. This results in specific point defenses that aim to patch particular vulnerabilities. While these defenses are valuable, they are often blindsided by fresh attacks that exploit new vulnerabilities. This article aims to address this issue by suggesting ways to make future defenses more durable based on an organization of security vulnerabilities as they arise throughout the program life cycle. We classify these vulnerability sources through programming, compilation, and hardware realization, and we show how each source introduces unintended states and transitions into the implementation. Further, we show how security exploits gain control by moving the implementation to an unintended state using knowledge of these sources and how defenses work to prevent these transitions. This framework of analyzing vulnerability sources, exploits, and defenses provides insights into developing durable defenses that could defend against broader categories of exploits. We present illustrative case studies of four important attack genealogies - showing how they fit into the presented framework and how the sophistication of the exploits and defenses have evolved over time, providing us insights for the future.
KW - Implementation information
KW - Security attacks and defenses
KW - Taxonomy
KW - Undefined semantics
KW - Vulnerabilities
UR - http://www.scopus.com/inward/record.url?scp=85122640740&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85122640740&partnerID=8YFLogxK
U2 - 10.1145/3456299
DO - 10.1145/3456299
M3 - Article
AN - SCOPUS:85122640740
SN - 1550-4832
VL - 17
JO - ACM Journal on Emerging Technologies in Computing Systems
JF - ACM Journal on Emerging Technologies in Computing Systems
IS - 3
M1 - 3456299
ER -