Withdraw
Loading…
Rethinking computer architecture and operating system abstractions for good & evil
Skarlatos, Dimitrios
Loading…
Permalink
https://hdl.handle.net/2142/109565
Description
- Title
- Rethinking computer architecture and operating system abstractions for good & evil
- Author(s)
- Skarlatos, Dimitrios
- Issue Date
- 2020-10-01
- Director of Research (if dissertation) or Advisor (if thesis)
- Torrellas, Josep
- Doctoral Committee Chair(s)
- Torrellas, Josep
- Committee Member(s)
- Fletcher, Christopher W.
- Kim, Nam Sung
- Kozyrakis, Christos
- Soundararajan, Vijayaraghavan
- Xu, Tianyin
- Department of Study
- Computer Science
- Discipline
- Computer Science
- Degree Granting Institution
- University of Illinois at Urbana-Champaign
- Degree Name
- Ph.D.
- Degree Level
- Dissertation
- Keyword(s)
- Computer Architecture
- Operating System
- Computer Security
- Virtualization
- Containers
- Virtual Memory
- Side-channels
- System calls
- Abstract
- Computing systems are undergoing a radical shift, propelled by stern security requirements and an unprecedented growth in data and users. This change has proven to be abstraction breaking. Current hardware and Operating System (OS) abstractions were built at a time when we had minimal security threats, scarce compute and memory resources, and limited numbers of users. These assumptions are not representative of today’s computing landscape. On one hand, modern virtualization technologies have enabled the new cloud paradigms of serverless computing and microservices, which have in turn lead to the sharing of computing resources among hundreds of users. On the other hand, attacks such as Spectre and Meltdown have shown that current hardware is plagued by critical vulnerabilities. In this new era of computing, it is urgent that we question the existing abstractions of the OS and hardware layers and rethink their synergy from scratch. This thesis takes the first steps toward answering this question, while following two central themes: (a) uncovering security vulnerabilities and building defenses at the boundary between hardware and OS, and (b) re designing abstractions and interfaces between the two layers to improve performance and scalability. In the first theme, this thesis introduces Microarchitectural Replay Attacks, a new class of attacks that de-noise nearly arbitrary microarchitecture side-channels. In addition, it proposes Jaimais Vu, the first defense against microarchitectural replay attacks. Jaimais Vu uses either hardware only or compiler and OS assisted techniques. The thesis also develops the Draco OS and hardware mechanisms for low-overhead protection of the system call interface by caching validated system calls and arguments. In the second theme, this thesis proposes Elastic Cuckoo Page Tables, a radical rethink of virtual memory translation that enables high translation parallelism. Ongoing work aims to bring the benefits of Elastic Cuckoo Page tables to virtualized environments. This thesis also enhances the scalability of lightweight virtualization by developing the BabelFish mechanisms to share virtual memory translation resources across container processes. Finally, this thesis proposes the PageForge extensions to modern hypervisors for scalable page merging in virtualized environments.
- Graduation Semester
- 2020-12
- Type of Resource
- Thesis
- Permalink
- http://hdl.handle.net/2142/109565
- Copyright and License Information
- Copyright 2020 Dimitrios Skarlatos
Owning Collections
Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at IllinoisDissertations and Theses - Computer Science
Dissertations and Theses from the Dept. of Computer ScienceManage Files
Loading…
Edit Collection Membership
Loading…
Edit Metadata
Loading…
Edit Properties
Loading…
Embargoes
Loading…