

SLIDE 1

An Architecture A Day Keeps The Hacker Away

David A. Holland, Ada T. Lim, Margo I. Seltzer

Harvard University Division of Engineering and Applied Sciences

{dholland,ada,margo}@eecs.harvard.edu

SLIDE 2

We’ve got a problem.

Why?

  • Attacks are increasing.
  • More exposed bad code than ever before.
  • Patching systems doesn’t scale.
  • Mindless automated attacks do scale.

Monoculture makes the world more fragile.

2 WASSA / October 9, 2004

SLIDE 3

System/390 to the rescue!

Many, perhaps most, attacks are

  • binary;
  • not portable;
  • written for the most popular platforms.

Use something else!

  • Anecdotally, widely done.
  • Doesn’t scale.

SLIDE 4

Well, we can fix that.

Making your own is too hard...

  • Design and fab chips?
  • Port the compiler and OS?

...or is it?

  • Virtual machine monitors.
  • Machine descriptions.

SLIDE 5

This scales, too.

Now anyone can make up their own machine. Or you can generate machines randomly. How does that work?

SLIDE 6

Simpleminded example:

Pick the byte size:

  • 8 bits, 16 bits...
  • 9 bits? 10 bits?

Pick the word size:

  • 32 bits, 64 bits...
  • 36 bits? 40 bits?

Pick the endianness.
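The three choices above can be carried through in a short sketch. This is an added example, not code from the slides or their authors: `Machine`, `random_machine` and the other names are hypothetical, the rule that a word must be a whole number of bytes is an assumption, and the sample value is constructed. It lays one word out in memory for one machine description and reads the same raw bits back under every other description.

```python
import random
from dataclasses import dataclass

# Sizes are the ones listed on the slide. Requiring the word to be a whole
# number of bytes is an assumption of this sketch.
BYTE_BITS = (8, 9, 10, 16)
WORD_BITS = (32, 36, 40, 64)

@dataclass(frozen=True)
class Machine:  # hypothetical machine description
    byte_bits: int
    word_bits: int
    big_endian: bool

def all_machines():
    """Every description this toy generator can produce."""
    return [Machine(b, w, e) for b in BYTE_BITS for w in WORD_BITS
            if w % b == 0 for e in (True, False)]

def random_machine(seed):
    """Pick one description reproducibly from a seed."""
    return random.Random(seed).choice(all_machines())

def store_word(value, m):
    """Lay a word out in memory as byte values, lowest address first."""
    mask = (1 << m.byte_bits) - 1
    units = [(value >> (i * m.byte_bits)) & mask
             for i in range(m.word_bits // m.byte_bits)]  # least significant first
    return units[::-1] if m.big_endian else units

def to_bits(units, m):
    """Flatten memory into the raw bit string that actually sits in storage."""
    return "".join(format(u, f"0{m.byte_bits}b") for u in units)

def load_word(bits, m):
    """Read the first word of a raw bit string the way machine m would."""
    bits = bits.ljust(m.word_bits, "0")[:m.word_bits]  # zero-pad or truncate
    units = [int(bits[i:i + m.byte_bits], 2)
             for i in range(0, m.word_bits, m.byte_bits)]
    if m.big_endian:
        units.reverse()  # units[0] is now the least significant byte
    return sum(u << (i * m.byte_bits) for i, u in enumerate(units))

def misread_count(value, author):
    """Number of other machines that read author's stored word differently."""
    bits = to_bits(store_word(value, author), author)
    return sum(load_word(bits, m) != value
               for m in all_machines() if m != author)
```

For the constructed word `0x08049A10` stored by an 8-bit-byte, 32-bit, little-endian machine, `misread_count` reports that 11 of the 13 other descriptions read a different value; the two that agree share its byte size and endianness and differ only in word size.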

SLIDE 7

What does this buy us?

A lot:

  • Rules out a broad class of attacks.
  • Blocks even novel exploit techniques.
  • Single comprehensive approach.
  • Puts script kiddies out of business! Maybe.

Doesn’t walk the dog, though.

SLIDE 8

Are there enough machines?

We draw a distinction:

  • Code injection attacks;
  • State corruption attacks.

We have overkill for code injection. State corruption is harder to handle.

SLIDE 9

Caveats

Can exploits be generated from machine descriptions? Is your machine description secret? Can one attack whole sets of machines at once?

SLIDE 10

Reliability

QA is going to love this.

SLIDE 12

What will it take?

Making the general source base portable. Lots of toolchain engineering. Some research remains.

SLIDE 13

Should we take the trouble?

It costs a lot. But it buys us a lot.

SLIDE 14

Should we take the trouble?

Yes.

SLIDE 15

An Architecture A Day Keeps The Hacker Away

David A. Holland, Ada T. Lim, Margo I. Seltzer

Harvard University Division of Engineering and Applied Sciences

{dholland,ada,margo}@eecs.harvard.edu

http://www.eecs.harvard.edu/~syrah/