Institutional Repository
Technical University of Crete
EN  |  EL

Search

Browse

My Space

Efficient hardware support for dynamic information flow tracking (DIFT) in the LEON processor

Taxiarchis Vaios

Simple record

URIhttp://purl.tuc.gr/dl/dias/71037DEA-7D49-47DA-A5CE-116FE8173711-
Identifierhttps://doi.org/10.26233/heallink.tuc.65271-
Languageen-
Extent3,6 megabytesen
TitleEfficient hardware support for dynamic information flow tracking (DIFT) in the LEON processoren
TitleΕπέκταση του επεξεργαστή LEON για την αποδοτική υποστήριξη σε υλικό της παρακολούθησης δυναμικής ροής πληροφοριώνel
CreatorTaxiarchis Vaiosen
CreatorΤαξιαρχης Βαϊοςel
Contributor [Thesis Supervisor]Pnevmatikatos Dionysiosen
Contributor [Thesis Supervisor]Πνευματικατος Διονυσιοςel
Contributor [Committee Member]Dollas Apostolosen
Contributor [Committee Member]Δολλας Αποστολοςel
Contributor [Committee Member]Samoladas Vasilisen
Contributor [Committee Member]Σαμολαδας Βασιληςel
PublisherΠολυτεχνείο Κρήτηςel
PublisherTechnical University of Creteen
Academic UnitTechnical University of Crete::School of Electronic and Computer Engineeringen
Academic UnitΠολυτεχνείο Κρήτης::Σχολή Ηλεκτρονικών Μηχανικών και Μηχανικών Υπολογιστώνel
Content SummaryComputer security is of growing importance due to the increasing reliance of computer systems in most societies. Software vulnerabilities can be seen as flaws or weaknesses in the system that can be exploited by an attacker in order to alter the normal behavior of the system. As a consequence, vulnerabilities in the production of software make necessary to have tools that can help programmers to avoid or detect them in the development of the code. Existing defenses, such as canaries or web application firewalls, often suffer from compatibility issues or are easily evaded by a professional attacker. Security defenses should focus on safety, speed, flexibility, practicality and end-to-end coverage. Recent researches have shown that Dynamic Information Flow Tracking (DIFT) is a promising technique for detecting a wide range of security attacks. DIFT tracks the flow of untrusted information within a program’s runtime by extending memory and registers with tags. With hardware support, DIFT can provide comprehensive protection against input validation attacks with minimal performance overhead. Thus, in relation to our on-going research on vulnerability detection, this thesis presents the design and implementation of a hardware platform for DIFT, based on the synthesizable LEON processor. The specific platform is an extension of the LEON processor with additional instructions for data-flow integrity support. Specifically it can track “tag” information along data within the processor pipeline and through computations, if we install appropriate Linux-based operating system. The modified processor protects applications from low-level memory corruption exploits (such as buffer overflows or format string attacks) and can be extended so as to protect from high-level semantic vulnerabilities (such as SQL injections or cross-site scripting) in future work. The processor includes also support to trapping when unsafe data are used as pointers to prevent information leakage.en
Type of ItemΔιπλωματική Εργασίαel
Type of ItemDiploma Worken
Licensehttp://creativecommons.org/licenses/by/4.0/en
Date of Item2016-06-29-
Date of Publication2016-
SubjectProcessor architectureen
SubjectDynamic information flow trackingen
SubjectSoftware vulnerabilitiesen
SubjectComputer securityen
Bibliographic CitationVaios Taxiarchis, "Efficient hardware support for dynamic information flow tracking (DIFT) in the LEON processor", Diploma Work, School of Electronic and Computer Engineering, Technical University of Crete, Chania, Greece, 2016en
Bibliographic CitationΒάϊος Ταξιάρχης, "Επέκταση του επεξεργαστή LEON για την αποδοτική υποστήριξη σε υλικό της παρακολούθησης δυναμικής ροής πληροφοριών", Διπλωματική Εργασία, Σχολή Ηλεκτρονικών Μηχανικών και Μηχανικών Υπολογιστών, Πολυτεχνείο Κρήτης, Χανιά, Ελλάς, 2016el

Available Files

Services

Statistics

 

Copyright © DIAS 2013