Files in this item

John_Criswell.pdf (3MB, application/pdf; no description provided)

Description

Title: Secure virtual architecture: security for commodity software systems
Author(s): Criswell, John
Director of Research: Adve, Vikram S.
Doctoral Committee Chair(s): Adve, Vikram S.
Doctoral Committee Member(s): Parthasarathy, Madhusudan; King, Samuel T.; Morrisett, Greg
Department / Program: Computer Science
Discipline: Computer Science
Degree Granting Institution: University of Illinois at Urbana-Champaign
Degree: Ph.D.
Genre: Dissertation
Subject(s): secure virtual architecture
computer security
security
compilers
operating systems
LLVM compiler infrastructure project
Low Level Virtual Architecture (LLVA)
Secure Virtual Architecture (SVA)
Kernel Control Flow Integrity (KCoFI)
Virtual Ghost
memory safety
control flow integrity
compromised operating systems
Abstract: Commodity operating systems are entrusted with providing security to the applications we use every day, and yet they suffer from the same security vulnerabilities as user-space applications: they are susceptible to memory safety attacks such as buffer overflows, and they can be tricked into dynamically loading malicious code. Worse yet, commodity operating system kernels are highly privileged; exploitation of the kernel results in compromise of all applications on the system. This work describes the Secure Virtual Architecture (SVA): a compiler-based virtual machine placed between the software stack and the hardware that can enforce strong security policies on commodity application and operating system kernel code. This work describes how SVA abstracts hardware/software interactions and program state manipulation so that compiler instrumentation can be used to control these operations, and it shows how SVA can be used to protect both the operating system kernel and applications from attack. Specifically, this work shows how SVA can protect operating system kernels from memory safety attacks; it also shows how SVA prevents a compromised operating system kernel from adversely affecting the execution of trusted applications by providing application memory that the operating system kernel cannot read or write, and secure application control flow that the operating system cannot corrupt.
Issue Date: 2014-09-16
URI: http://hdl.handle.net/2142/50547
Rights Information: Copyright 2014 John T Criswell
Date Available in IDEALS: 2014-09-16
Date Deposited: 2014-08

