An approach to error correction in program code using dynamic optimization in a virtual execution environment

Program code is at risk from a wide range of attack vectors that appear at various stages during the compilation and execution of machine code. Existing approaches for detecting threats in program code are restricted both in their functionality and in the types of threats they can identify. The paper proposes an approach for detecting timing channels in program code based on just-in-time compilation in a virtual execution environment. Code annotations control which analyses and transformations are applied. The virtual environment uses both static and dynamic analyses of the intermediate representation of the code and recompiles that code into a safe form. The annotation language allows us to formulate rules for the detection of timing channels and to manage the time spent on these analyses by adapting their precision. The results demonstrate that, unlike static compilation of program code, our approach dynamically analyses and transforms large bodies of code in real time. They also demonstrate that a virtual execution environment using the proposed approach is efficient.
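The abstract describes the two halves of the approach: analysing the intermediate representation for timing channels and recompiling the offending code. The following Python model is an added illustration, not the paper's implementation: it defines a toy IR of conditional branches, a static pass that flags branches whose condition is a secret and whose arms differ in cost, a transformation that balances the arms, and a dynamic check that compares the cost of two runs differing only in the secret. The per-instruction costs, the program and the secret set are constructed for the example.

```python
# Added illustration (not the paper's code): toy IR, static timing-channel
# detection, arm balancing, and a dynamic cost comparison. Costs are constructed.
from dataclasses import dataclass
from typing import Dict, List, Set

COST = {"add": 1, "mul": 3, "load": 2, "nop": 1}  # constructed per-op costs


@dataclass
class Branch:
    """if <cond> then <then_ops> else <else_ops>; ops are op names from COST."""
    cond: str
    then_ops: List[str]
    else_ops: List[str]


def arm_cost(ops: List[str]) -> int:
    return sum(COST[o] for o in ops)


def find_timing_channels(prog: List[Branch], secrets: Set[str]) -> List[int]:
    """Static analysis: indices of branches that test a secret with unequal arm cost."""
    return [i for i, b in enumerate(prog)
            if b.cond in secrets and arm_cost(b.then_ops) != arm_cost(b.else_ops)]


def balance(prog: List[Branch], secrets: Set[str]) -> List[Branch]:
    """Transformation: pad the cheaper arm with nops so both arms cost the same.
    Simplified model; a real recompiler must also account for cache and
    micro-architectural effects that this cost table ignores."""
    flagged = set(find_timing_channels(prog, secrets))
    out = []
    for i, b in enumerate(prog):
        if i in flagged:
            t, e = list(b.then_ops), list(b.else_ops)
            while arm_cost(t) < arm_cost(e):
                t.append("nop")
            while arm_cost(e) < arm_cost(t):
                e.append("nop")
            b = Branch(b.cond, t, e)
        out.append(b)
    return out


def run_cost(prog: List[Branch], env: Dict[str, int]) -> int:
    """Dynamic analysis: total cost of executing prog under assignment env."""
    return sum(arm_cost(b.then_ops if env[b.cond] else b.else_ops) for b in prog)


def leaks(prog, env_a, env_b) -> bool:
    """True if two runs (differing only in secret inputs) take different time."""
    return run_cost(prog, env_a) != run_cost(prog, env_b)


# Constructed program: branch 0 tests a key bit with arms costing 4 vs 1.
PROG = [Branch("key_bit", ["mul", "add"], ["add"]),
        Branch("public_flag", ["load"], ["add", "add"])]
SECRETS = {"key_bit"}
```

Running `find_timing_channels(PROG, SECRETS)` flags branch 0; after `balance`, the two runs with `key_bit` 0 and 1 cost the same while the public branch is left untouched.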
