Files in this item

FilesDescriptionFormat

application/pdf

application/pdfSKARLATOS-DISSERTATION-2020.pdf (3MB)Restricted Access
(no description provided)PDF

Description

Title:Rethinking computer architecture and operating system abstractions for good & evil
Author(s):Skarlatos, Dimitrios
Director of Research:Torrellas, Josep
Doctoral Committee Chair(s):Torrellas, Josep
Doctoral Committee Member(s):Fletcher, Christopher W.; Kim, Nam Sung; Kozyrakis, Christos; Soundararajan, Vijayaraghavan; Xu, Tianyin
Department / Program:Computer Science
Discipline:Computer Science
Degree Granting Institution:University of Illinois at Urbana-Champaign
Degree:Ph.D.
Genre:Dissertation
Subject(s):Computer Architecture
Operating System
Computer Security
Virtualization
Containers
Virtual Memory
Side-channels
System calls
Abstract:Computing systems are undergoing a radical shift, propelled by stern security requirements and an unprecedented growth in data and users. This change has proven to be abstraction breaking. Current hardware and Operating System (OS) abstractions were built at a time when we had minimal security threats, scarce compute and memory resources, and limited numbers of users. These assumptions are not representative of today’s computing landscape. On one hand, modern virtualization technologies have enabled the new cloud paradigms of serverless computing and microservices, which have in turn lead to the sharing of computing resources among hundreds of users. On the other hand, attacks such as Spectre and Meltdown have shown that current hardware is plagued by critical vulnerabilities. In this new era of computing, it is urgent that we question the existing abstractions of the OS and hardware layers and rethink their synergy from scratch. This thesis takes the first steps toward answering this question, while following two central themes: (a) uncovering security vulnerabilities and building defenses at the boundary between hardware and OS, and (b) re designing abstractions and interfaces between the two layers to improve performance and scalability. In the first theme, this thesis introduces Microarchitectural Replay Attacks, a new class of attacks that de-noise nearly arbitrary microarchitecture side-channels. In addition, it proposes Jaimais Vu, the first defense against microarchitectural replay attacks. Jaimais Vu uses either hardware only or compiler and OS assisted techniques. The thesis also develops the Draco OS and hardware mechanisms for low-overhead protection of the system call interface by caching validated system calls and arguments. In the second theme, this thesis proposes Elastic Cuckoo Page Tables, a radical rethink of virtual memory translation that enables high translation parallelism. Ongoing work aims to bring the benefits of Elastic Cuckoo Page tables to virtualized environments. This thesis also enhances the scalability of lightweight virtualization by developing the BabelFish mechanisms to share virtual memory translation resources across container processes. Finally, this thesis proposes the PageForge extensions to modern hypervisors for scalable page merging in virtualized environments.
Issue Date:2020-10-01
Type:Thesis
URI:http://hdl.handle.net/2142/109565
Rights Information:Copyright 2020 Dimitrios Skarlatos
Date Available in IDEALS:2021-03-05
Date Deposited:2020-12


This item appears in the following Collection(s)

Item Statistics