securing systems with insecure hardware
play

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec - PowerPoint PPT Presentation

Apr 17, 2023 •254 likes •984 views

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software protections Binary and malware analysis Fuzzing Network security Hardware and OS security 2 Assuming secure software, what is

  1. Securing Systems with Insecure Hardware Kaveh Razavi

  2. About VUSec ~20 members ● Software protections ● Binary and malware analysis ● Fuzzing ● Network security ● Hardware and OS security 2

  3. Assuming secure software, what is still possible? and what can we do about it? 3

  4. General-purpose Hardware Attacks (2015-) Drammer Spectre/MDS A government entity in a certain country: “can we please have the Drammer exploit?” 4

  5. What Is Different? 1) Attacks and their impact are not obvious 2) Problems are often structural 3) Cannot “update” hardware 5

  6. Defending These New Classes of Attacks Defense Novel Attacks Novel Defenses Assessment DRAM-based corruptions (Rowhammer) Hardware-based information leakage 6

  7. Defending These New Classes of Attacks Defense Novel Attacks Novel Defenses Assessment DRAM-based corruptions (Rowhammer) Hardware-based information leakage 7

  8. The Rowhammer Problem We have reduced transistor without caring for reliability/security Years later Rowhammer: affects 87% of deployed DDR3 memory, DDR4 as well. Kim et al., “Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors,” ISCA’14 8

  9. Exploiting These Flips Random, previously unknown locations, single flips. 1) Templating 2) Massaging $ 3) Exploitation $ DRAM Razavi et al., “Flip Feng Shui: Hammering a Needle into the Software Stack,” SEC’16 9

  10. Compromising Cloud Virtual Machines 1) Templating Attacker’s own memory Attacker VM 2) Massaging DRAM Memory deduplication Victim VM 3) Exploitation 10

  11. Memory Deduplication Attacker VM Victim VM $ 11

  12. Memory Deduplication Attacker VM $ Victim VM $ 12

  13. Memory Deduplication Attacker VM $ Victim VM $ 13

  14. Compromising Cloud Virtual Machines 1) Templating Attacker’s own memory Attacker VM 2) Massaging DRAM Memory deduplication Victim VM 3) Exploitation Corrupt RSA public keys (OpenSSH) 14

  15. Factorizing Corrupted RSA Public Keys n = p × q → PK (public key) FFS PK → PK' PK' → n' = p' × q' × z' × ... 15

  16. Attack’s Success Rate 16

  17. Flip Feng Shui on Mobile Devices (ARM) 1) Templating Cores → ION (DMA) memory Not possible to hammer → buddy allocation 2) Massaging Caches No dedup 3) Exploitation DRAM 17

  18. Results - Drammer on 27 phones 22 seconds to root on 18 out of 27 tested phones. 18

  19. Impact ● Similarly applicable in the browser (GLitch S&P’18) ● Response: mostly disabling features ○ Google disabled parts of ION allocator ○ Microsoft and cloud providers turned dedup off ● Major media attention ● Two best paper and two pwnie awards 19

  20. Defending These New Classes of Attacks Defense Novel Attacks Novel Defenses Assessment DRAM-based corruptions (Rowhammer) Hardware-based information leakage 20

  21. Proposed Defenses Disabling features: - Deduplication (massaging) - ION contiguous heap (templating) Expensive and not secure Drammer (dedup), GuardION (ION) 21

  22. Proposed Defenses Disabling features: Hardware defenses: - Deduplication - ECC (templating) - ION heaps - PARA/TRR (templating) 22

  23. Error-correction Codes (SECDED) ● Original paper demonstrated SECDED not to be enough ● … but exploitation turned out to be difficult ○ ECC implementation is closed Cores (guarantees unknown) ○ 1 bit flips not visible, DRAM Controller 2 bit flips crash the system DRAM ECC DRAM as a practical secure defense. 23

  24. Recovering ECC Functions ● Observing signals are not easy at 1Ghz+ ○ Need custom interposer ○ Expensive logic analyzer ● Fault injection with syringe needles! ● Short-circuit data lines with Vss ○ High-to-low voltage flips ● With some math error reports allows for ECC recovery Cojocar et al., “Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks,” S&P’19 24

  25. Results 25

  26. Avoiding Crashes Detect single flips and merge them for silent corruptions. Distinguished Practical Paper Award at S&P’19 26

  27. Proposed Defenses Disabling features: Hardware defenses: - Deduplication - ECC (templating) - ION heaps - PARA/TRR (templating) Not deployed everywhere and some implementations are insecure (current work) 27

  28. Proposed Defenses Disabling features: Hardware defenses: - Deduplication - ECC (templating) - ION heaps - PARA/TRR (templating) Proper protection in software with existing hardware interfaces? 28

  29. Defending These New Classes of Attacks Defense Novel Attacks Novel Defenses Assessment DRAM-based corruptions (Rowhammer) Hardware-based information leakage 29

  30. Rowhammer’s Fault Model Bit flips affect adjacent rows Isolate every memory row from another... 30

  31. ZebRAM: Even/Odd Rows Isolated from Each Other Konoth et al., “ZebRAM: Comprehensive and Compatible Software Protection Against Rowhammer Attacks,” OSDI’18 31

  32. ZebRAM’s Design Swap Cache ALIS VTx Swap SHA2 1) How to allocate odd/even rows? 2) How to map odd/even rows to safe/unsafe regions? 3) How to utilize unsafe region? 4) How to protect the safe/unsafe regions? 32

  33. Life of a Page in ZebRAM Safe Memory Cache Swap # Linux/KVM Kernel: 1454 LoC User: 5118 LoC 33

  34. Evaluation: SPEC 2006 34

  35. Evaluation: Security Run no. Total Number of Flips Detected by ZebRAM 1 4,702 4,702 2 5,132 5,132 3 2,790 2,790 First comprehensive and compatible Rowhammer protection. 35

  36. Defending These New Classes of Attacks Defense Novel Attacks Novel Defenses Assessment DRAM-based corruptions (Rowhammer) Hardware-based information leakage 36

  37. Defending These New Classes of Attacks Defense Novel Attacks Novel Defenses Assessment DRAM-based corruptions (Rowhammer) Hardware-based information leakage 37

  38. Traditional Cache Attacks Attacker Core Victim Core Shared Last Level Cache DRAM 38

  39. Attacking CPU-internal Components Core MMU AnC ASLR leak 2017 39

  40. AnC: MMU Leaves a Trace in the CPU Caches Secret: randomized CPU Cache virtual address 40 Gras/Razavi et al., “ASLR on the Line: Practical Cache Attacks on the MMU,” NDSS’17

  41. AnC from JavaScript 41

  42. Affected Architectures 42

  43. Impact ● Response: spot mitigations ○ Apple updated WebKit allocation policies ○ Jitter in the timers ● Best Dutch cyber security research award ● Pwnie for most innovative research 43

  44. Attacking CPU-internal Components Core Core MMU SPEC AnC Spectre ASLR leak Arbitrary leak 2017 2018 44

  45. Cannot point to Secret Points to Secret Attacker Process *ptr; *ptr; Victim Process Covert channel Exception! Mitigations: Flush+Reload Array limit the pointer Flush arr[0] Flush arr[1] Secret Flush arr[2] ... L1 Cache arr[*ptr]; 45

  46. Are these spot mitigations enough? 46

  47. Defending These New Classes of Attacks Defense Novel Attacks Novel Defenses Assessment DRAM-based corruptions (Rowhammer) Hardware-based information leakage 47

  48. Attacking CPU-internal Components Core Core Core MMU SPEC LFB AnC Spectre RIDL ASLR leak Arbitrary leak Arbitrary leak 2017 2018 2019 48 Van Schaik et al., “RIDL: Rogue Inflight Data Load,” S&P’19

  49. arr[NULL]; Invalid pointers leak! Attacker Process *ptr; *ptr; Covert channel Victim Process Leakage across the board , bypassing all mitigations. Secret Various CPU buffers L1 Cache 49

  50. Which CPUs Are Vulnerable? 1 Year of CVD with Intel $100,000 bounty award 50

  51. Other Defenses: Partitioning ● Partitioning is imperfect ○ TLBLeed (SEC’18), XLATE (SEC’18) ● New OS primitives allow for secure partitioning (VUsion, SOSP’17) 51

  52. Conclusion Hardware is the new software except it is harder to fix Spot mitigations are costly and ineffective Principled mitigations in software/hardware Ben Gras, Victor van der Veen, Erik Bosman, Pietro Frigo, Andrei Tatar, Radhesh Konoth, Stephan van Schaik, Alyssa Milburn, Sebastian Ostersund, Dennis Andriesse, Elias Athanasopoulos, Daniel Gruss, Clementine Maurice, Yanick Fratantonio, Martina Lindorfer, Giovanni Viga, Bart Preneel, Cristiano Giuffrida, Herbert Bos 52

  53. I am hiring PhD students! To do exciting hardware security research Email: kaveh@cs.vu.nl Twitter: @kavehrazavi 53

  54. What’s Next? 54

  55. Evaluation: Redis Throughput at Saturation 55

  56. ECC: Replicating Existing Attacks 56

  57. Reducing ASLR Entropy 57

  58. (p)TRR ● Original paper (PARA): on DRAM row activation refresh adjacent rows with a certain probability ○ Found to be effective ● (LP)DDR4 standard: count activations and refresh adjacent rows ● Many different implementations ○ Some look insecure, deployability? (current work) 58

  59. Proposed Defenses Disabling features: Hardware defenses: - Deduplication - ECC - ION heaps - (p)TRR Software defenses: - ANVIL (templating) - CATT (memory massaging) 59

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Securing Software Systems by Preventing Information Leaks Kangjie Lu Georgia Institute of

Securing Software Systems by Preventing Information Leaks Kangjie Lu Georgia Institute of

Securing Software Systems by Preventing Information Leaks Kangjie Lu Georgia Institute of Technology Computer devices are everywhere 2 Foundational software systems 3 Inherent insecurity: Vulnerabilities and insecure designs Implemented in

774 views • 74 slides
Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL

Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL

Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL TIEMPO S.A.S. December 3, 2019 1 Outline Connected Objects Securing IoT with a hardware Secure Element Introduction Securing Treats

537 views • 10 slides
Ninja Scaning by Fyodor CanSecWest 2009 March 20, 3:50 PM

Ninja Scaning by Fyodor CanSecWest 2009 March 20, 3:50 PM

Insecure.Org Insecure.Org Ninja Scaning by Fyodor CanSecWest 2009 March 20, 3:50 PM http://insecure.org/presentations/CSW09/ Insecure.Org Insecure.Org Ncat http://nmap.org/ncat/ Insecure.Org Insecure.Org Modern Networking Features

689 views • 21 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
CSC 6991: Using Hardware Isolated Execu;on Environments for

CSC 6991: Using Hardware Isolated Execu;on Environments for

CSC 6991: Using Hardware Isolated Execu;on Environments for Securing Systems Fengwei Zhang Wayne State University CSC 6991 Advanced Computer Security 1

302 views • 19 slides
Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing

Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing

Introduction Attack Model k -Security Layout Randomization Summary Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation Frank Imeson ECE, University of Waterloo USENIX Security 13

540 views • 43 slides
CSE 120 Hardware How hardware works Operating Systems Layer What the kernel does API

CSE 120 Hardware How hardware works Operating Systems Layer What the kernel does API

Overview CSE 120 Hardware How hardware works Operating Systems Layer What the kernel does API What the programmer does July 27, 2006 Day 8 Input/Output Instructor: Neil Rhodes 2 Hardware Hardware Kinds Bus : a set of wires

613 views • 6 slides
Scripting and Extending Nmap and Wireshark with Lua by Gerald Combs & Gordon Fyodor

Scripting and Extending Nmap and Wireshark with Lua by Gerald Combs & Gordon Fyodor

Insecure.Org Insecure.Org Scripting and Extending Nmap and Wireshark with Lua by Gerald Combs & Gordon Fyodor Lyon Sharkfest 2010 June 16, 1:15 PM http://insecure.org/presentations/Sharkfest10/ Insecure.Org Insecure.Org Nmap

278 views • 16 slides
Protecting Insecure Communications with Topology-aware Network Tunnels Georgios Kontaxis Angelos

Protecting Insecure Communications with Topology-aware Network Tunnels Georgios Kontaxis Angelos

Protecting Insecure Communications with Topology-aware Network Tunnels Georgios Kontaxis Angelos D. Keromytis Department of Computer Science Columbia University, USA Clients securing their traffic to a server TLS unavailable at the server

682 views • 18 slides
Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1 Fengwei Zhang 1 Weisong Shi 1 Larry Shi 2 1 Wayne State University 2 University of Houston November 21, 2019 1 Overview of The Talk Motivation

575 views • 24 slides
Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks -

Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks -

Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks - University of Illinois Samuel T. King - University of Illinois Milo M. K. Martin - University of Pennsylvania Jonathan M. Smith - University of

625 views • 27 slides
for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

Attacker Models for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1 Security-sensitive hardware: examples 2 Naive attacker model Attacks on communication channels exploiting lousy crypto or insecure

904 views • 45 slides
A4: Insecure Direct Object References A4 Insecure Direct Object References General

A4: Insecure Direct Object References A4 Insecure Direct Object References General

A4: Insecure Direct Object References A4 Insecure Direct Object References General problem: Unrestricted Access A4: Data not properly protected A7: Functions not properly protected Examples Presentation-layer access control

506 views • 27 slides
Hardware Pool Embedded Operating Systems Operating Systems & Middleware Group Available

Hardware Pool Embedded Operating Systems Operating Systems & Middleware Group Available

Hardware Pool Embedded Operating Systems Operating Systems & Middleware Group Available Hardware Arduino Uno ATmega328P 16 MHz 32 KB flash 2 KB SRAM 1 KB EEPROM 2 Embedded Operating Systems | Hardware Pool | November

347 views • 16 slides
Hardware Issues for Operating Systems CS 111 Operating Systems Peter Reiher Lecture 3 CS 111

Hardware Issues for Operating Systems CS 111 Operating Systems Peter Reiher Lecture 3 CS 111

Hardware Issues for Operating Systems CS 111 Operating Systems Peter Reiher Lecture 3 CS 111 Page 1 Fall 2015 Outline Hardware and the operating system Processor issues Buses and devices Disk drives Well talk about

777 views • 64 slides
A Configurable Hardware Scheduler A Configurable Hardware Scheduler (CHS) for Real- -Time

A Configurable Hardware Scheduler A Configurable Hardware Scheduler (CHS) for Real- -Time

A Configurable Hardware Scheduler A Configurable Hardware Scheduler (CHS) for Real- -Time Systems Time Systems (CHS) for Real Pramote Kucharoen, Mohamed A. Shalan and Vincent J. Mooney III Center for Research on Embedded Systems and

244 views • 21 slides
Impersonation CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed,

Impersonation CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed,

Impersonation CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ March 5, 2013 Goals For Today Web driveby

945 views • 76 slides
Software Security: Defenses CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva

Software Security: Defenses CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva

Software Security: Defenses CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca

583 views • 55 slides
ERISA Overpayments Claims & Defenses AIDS Legal Referral Panel November 14, 2018 MCLE

ERISA Overpayments Claims & Defenses AIDS Legal Referral Panel November 14, 2018 MCLE

ERISA Overpayments Claims & Defenses AIDS Legal Referral Panel November 14, 2018 MCLE Training Kirsten Scott Renaker Hasselman Scott, LLP 235 Montgomery Street, Suite 944 San Francisco, CA 94104 415-653-1733 www.renakerhasselman.com

397 views • 21 slides
Construction/Maintenance Contracts: What You Need To Know During the Pandemic Presentation By:

Construction/Maintenance Contracts: What You Need To Know During the Pandemic Presentation By:

Construction/Maintenance Contracts: What You Need To Know During the Pandemic Presentation By: Timothy M. Scully and Hannah C. Kreuser Presented By: Legal Disclaimer Porter Law Group provides the following presentation and materials for

713 views • 29 slides
Monday Morning in the ED.. 54 year-old male with palpitations and chest pain AF with RVR, rate

Monday Morning in the ED.. 54 year-old male with palpitations and chest pain AF with RVR, rate

11/4/2013 Monday Morning in the ED.. 54 year-old male with palpitations and chest pain AF with RVR, rate 155 bpm, BP 89/46 Shocking Revelations in Electrical Management of Dysrhythmias Eric Silman, MD Assistant Residency Director,

57 views • 5 slides
Ayala-Paredes, Benoit Coutu, Atul Verma, Franois Philippon, Eli Kalfon, Roopinder K. Sandhu,

Ayala-Paredes, Benoit Coutu, Atul Verma, Franois Philippon, Eli Kalfon, Roopinder K. Sandhu,

Pacemaker or Defibrillator Surgery Without Interruption of Direct Oral Anticoagulants: BRUISE CONTROL - 2 (a randomized controlled trial of continued versus interrupted direct oral anti-coagulant at the time of surgery) David H. Birnie , Jeff S.

364 views • 21 slides
Revive. PIN PINK A Revive. Re A phone powered, compact Automated External Defi fibrillator

Revive. PIN PINK A Revive. Re A phone powered, compact Automated External Defi fibrillator

Revive. PIN PINK A Revive. Re A phone powered, compact Automated External Defi fibrillator (AED) that provides greater access to defi fibrillation at a lower cost co Early defi fibrillation is the only way to restore th the v victi

580 views • 10 slides
Prof Gavin Perkins Chairman ALS Subcommittee Resuscitation Council (UK) Charitable

Prof Gavin Perkins Chairman ALS Subcommittee Resuscitation Council (UK) Charitable

Prof Gavin Perkins Chairman ALS Subcommittee Resuscitation Council (UK) Charitable organisation Founded 1981 Focus Policy document Clinical guidelines Training Research Chain of survival Key messages Resuscitation

404 views • 28 slides

More recommend