GHUMVEE: Efficient, Effective and Flexible Replication Stijn - - PowerPoint PPT Presentation



SLIDE 1

ELIS Department

GHUMVEE: Efficient, Effective and Flexible Replication

Stijn Volckaert
Computer Systems Lab
Ghent University
Belgium

SLIDE 2

N-modular Redundancy

[Diagram labels: input; variant 1, variant 2, variant 3 (equivalent components); monitor; output]

SLIDE 3

Replication

[Diagram labels: Variant 1 and Variant 2, each with libc and a time axis t; Monitor; Kernel; Hardware. System calls shown: sys_read, sys_read; then sys_read, sys_read, sys_exec, sys_read]

SLIDE 4

Replication Goals

  • Run variants in parallel on the same inputs
  • Detect inconsistent behavior
  • Transparent to user and programmer
  • Minimal overhead
  • Support wide range of diversity
  • Run realistic programs

  • Cox, B., Evans, D., et al.: N-variant systems: A secretless framework for security through diversity. In: Proc. USENIX SSYM. (2006) 105-120
  • Berger, E., Zorn, B.: DieHard: probabilistic memory safety for unsafe languages. In: Proc. ACM PLDI. (2006) 158-168
  • Bruschi, D., Cavallaro, L.: Diversified Process Replicae for Defeating Memory Error Exploits. In: Proc. IEEE IPCCC. (2007) 434-441
  • Salamat, B., Jackson, T., et al.: Orchestra: A User Space Multi-Variant Execution Environment. In: Proc. EuroSys. (2009) 33-46
SLIDE 5

Overview

  • Introduction
      • Replication
      • GHUMVEE Overview
  • Implementation challenges
      • Multithreading & synchronization
      • Address-sensitive behavior
  • Evaluation
  • Conclusions

SLIDE 6

Multithreading (1)

[Diagram labels: Kernel; Hardware; Variant 1 (Variant1 Thread1, Variant1 Thread2); Variant 2 (Variant2 Thread1, Variant2 Thread2); one time axis t per thread. System calls shown: sys_brk, sys_open]

SLIDE 7

Multithreading (2)

[Diagram labels: Kernel; Hardware; Variant1 Thread1, Variant1 Thread2, Variant2 Thread1, Variant2 Thread2; one time axis t per thread. System calls shown: sys_brk, sys_open, sys_open, sys_brk]

SLIDE 8

User-space locking operations (1)

[Diagram labels: Kernel; Hardware; Variant1 Thread1, Variant2 Thread1, Variant1 Thread2, Variant2 Thread2; one time axis t per thread. System calls shown: sys_open, sys_brk]

SLIDE 9

User-space locking operations (2)

[Diagram labels: Kernel; Hardware; Variant1 Thread1, Variant1 Thread2, Variant2 Thread1, Variant2 Thread2; one time axis t per thread; marker "1". System calls shown: sys_open, sys_open]

SLIDE 10

Address-Sensitive Behavior

[Diagram labels: sys_mmap2; Kernel; Variant 1; Variant 2. Object addresses shown: Object 1 (0xd4cab9), Object 1 (0xf0ebe2), Object 2 (0xb8a98f), Object 2 (0xdcd4c7), Object 3 (0x7c756c)]

SLIDE 11

Benchmarks

[Chart: Relative Performance (axis 10 to 100) for the SPEC2006 Benchmarks. Series: no MVEE (1 variant), no MVEE (2 variants), MVEE (2 variants), MVEE (3 variants), MVEE (4 variants)]

Measured on a Core i7-870 quad-core system

SLIDE 12

Supported Programs

SLIDE 13

Problematic features

[Table; cell values not recoverable]
Columns: Multi-threaded | Custom Sync | Address Sensitive | Shared Mem | Mem-mapped I/O | Time-Aware (rdtsc) | Self-aware (/proc)
Rows: Glibc | Glib (GNOME) | kcalc | firefox | LibreOffice | MPlayer

SLIDE 14

Transparency

  • For the user:
      • Startup overhead
  • For the programmers:
      • Indicate names of functions that need interception
      • Don't inline these functions

standard library: interposer library (header files) | libc | pthread | interposer base lib | total
lines of C code: 260 | 654 | 766 | 829 | 2509

application library: glib | gtk | orbit | pango | libreoffice | total
lines of C code: 105 | 54 | 78 | 54 | 183 | 474

SLIDE 15

Conclusions

  • Realistic programs
  • Limited performance overhead (~15%)
  • Limitations for programmers
