Paper Info
Title
Record-Replay Architecture as a General Security Framework
Abstract
Hardware security features need to strike a careful balance between design intrusiveness and completeness of methods. In addition, they need to be flexible, as security threats continuously evolve. To help address these requirements, this paper proposes a novel framework where Record and Deterministic Replay (RnR) is used to complement hardware security features. We call the framework RnR-Safe. RnR-Safe reduces the cost of security hardware by allowing it to be less precise at detecting attacks, potentially reporting false positives. This is because it relies on on-the-fly replay that transparently verifies whether the alarm is a real attack or a false positive. RnR-Safe uses two replayers: an always-on, fast Checkpoint replayer that periodically creates checkpoints, and a detailed-analysis Alarm replayer that is triggered when there is a threat alarm. As an example application, we use RnR-Safe to thwart Return Oriented Programming (ROP) attacks, including on the Linux kernel. Our design augments the Return Address Stack (RAS) with relatively inexpensive hardware. We evaluate RnR-Safe using a variety of workloads on virtual machines running Linux. We find that RnR-Safe is very effective. Thanks to the judicious RAS hardware extensions and hypervisor changes, the checkpointing replayer has an execution speed comparable to the recorded execution. Also, the alarm replayer needs to handle very few false positives.
Year
DOI
Venue
2018
10.1109/HPCA.2018.00025
2018 IEEE International Symposium on High Performance Computer Architecture (HPCA)
Keywords
Field
DocType
Record and Deterministic Replay,Hardware Security,Return Oriented Programming
Kernel (linear algebra),Virtual machine,Hardware security module,Computer science,ALARM,Hypervisor,Real-time computing,Return-oriented programming,Linux kernel,Embedded system,False positive paradox
Conference
ISSN
ISBN
Citations 
1530-0897
978-1-5386-3660-2
2
PageRank 
References 
Authors
0.38
50
5
Name
Order
Citations
PageRank
Yasser Shalabi180.90
Meng-Jia Yan2827.31
Nima Honarmand31477.30
Ruby Lee42460261.28
Josep Torrellas59312.62