We present a lightweight hardware framework for providing high assurance detection and prevention of code injection attacks using a lockstep diversified shadow execution. Recent studies show that hardware diversificat...
详细信息
ISBN:
(纸本)9783981537024
We present a lightweight hardware framework for providing high assurance detection and prevention of code injection attacks using a lockstep diversified shadow execution. Recent studies show that hardware diversification can detect software attacks by checking the consistency of their behavior simultaneously. Unfortunately, the severe performance degradation and extra system costs caused by these methods are unacceptable in many applications. This paper presents a hardware-level, lockstep shadow thread framework to enrich the diversity of the software execution, with the facilitation from programmable hardware decoder and novel CPU support of tightly coupled shadow thread technique. Specifically, given a piece of (legacy) binary code, we first generate diversified binary versions using an offline binary rewriter and programmable hardware binary translator at runtime. Two diversified binary code images are launched as dual simultaneous threads in the hardware layer with one as the primary thread and the other one as shadow thread. Instructions from the shadow thread are not executed but just compared, and thus incur no OS side-effects. The extended CPU is able to decode instructions from both threads, and dispatch them to the next stage pipeline for a lockstep comparison. Any mismatch of the decoded instructions from the two threads caused by remotely injected binary code will be detected. Our design provides instruction set randomization (ISR) with minimal cost in performance, when compared with straightforward ISR implementation. The simulation results indicate that our framework incurs very small overheads and provides a protection against code injection attacks.
A reliable antifuse (AF) one-time-programmable (OTP) cell and its sensing plus programming circuits for postpackage repair of dynamic random access memory (DRAM) are presented. The OTP cell was fabricated without any ...
详细信息
A reliable antifuse (AF) one-time-programmable (OTP) cell and its sensing plus programming circuits for postpackage repair of dynamic random access memory (DRAM) are presented. The OTP cell was fabricated without any process modifications by utilizing destructive breakdown of thin gate oxide of nMOS capacitor as storage. The measurement results of OTP array fabricated by 0.13-mu m CMOS process show a tight read current distribution after programming. For pin compatibility with standard DRAM specifications, an internal charge pump is designed to provide high program voltage without any additional pin. Based on the AF cells, a programmable decoder is proposed to store the address of failed bit, decode the input address, and decide whether to access normal bit or redundant one of DRAM. The whole bit-repair scheme uses static latches as redundant cells. By avoiding the uses of address comparator and multiplexer, the proposed scheme shows less access penalty compared with prior scheme.
暂无评论