Name
Abstract | ||
|---|---|---|
To address security issues related to information leakage, microprocessor designers and manufacturers such as ARM and Intel have introduced hardware isolation-based technologies to support secure software execution. However, utilizing such technologies often requires significant efforts to design new applications or refactor existing applications to adhere to the usage protocols. Developers also need to clearly distinguish code sections that can manipulate sensitive data and relocate them to the secure execution environment. These processes can be laborious and error-prone, since over-protection can result in poor application performance and high resource usage, and under-protection may cause exploitable security vulnerabilities. In this paper, we introduce TZSlicer, a framework to automatically identify code that must be protected based on a sensitive variable list provided by developers. TZSlicer automatically identifies code sections that can process sensitive data, extracts those sections from the original program, and creates harness in the original and extracted code sections so that they can interface with each other. We develop a prototype of TZSlicer to support slicing of C programs at function, code block, and code line levels. Also, we identify optimization opportunities to improve the context switching overhead of TZSlicer via applying loop unrolling and variable renaming. We evaluate TZSlicer using seven real-world programs, and the evaluation results indicate that TZSlicer is effective in protecting sensitive data without incurring significant runtime and resource usage overheads. |
Year | DOI | Venue |
|---|---|---|
2018 | 10.1109/HST.2018.8383886 | 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) |
Keywords | Field | DocType |
resource usage overheads,TZSlicer,Security-aware dynamic program slicing,hardware isolation,security issues,information leakage,microprocessor designers,secure software execution,usage protocols,sensitive data,secure execution environment,high resource usage,exploitable security vulnerabilities,sensitive variable list,original program,original extracted code sections,code block,code line levels | Program slicing,CAN bus,Information leakage,Computer science,Slicing,Microprocessor,Loop unrolling,Computer hardware,Code refactoring,Context switch | Conference |
ISBN | Citations | PageRank |
978-1-5386-4732-5 | 1 | 0.38 |
References | Authors | |
10 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Mengmei Ye | 1 | 6 | 3.21 |
| Jonathan Sherman | 2 | 1 | 0.38 |
| Witawas Srisa-an | 3 | 294 | 28.67 |
| Wei Sheng | 4 | 317 | 32.53 |