VTechWorks staff will be away for the winter holidays starting Tuesday, December 24, 2024, through Wednesday, January 1, 2025, and will not be replying to requests during this time. Thank you for your patience, and happy holidays!
 

Secure and Efficient In-Process Monitor and Multi-Variant Execution

dc.contributor.authorYeoh, SengMingen
dc.contributor.committeechairRavindran, Binoyen
dc.contributor.committeememberWang, Hainingen
dc.contributor.committeememberNikolaev, Ruslanen
dc.contributor.departmentElectrical and Computer Engineeringen
dc.date.accessioned2021-02-02T09:00:21Zen
dc.date.available2021-02-02T09:00:21Zen
dc.date.issued2021-02-01en
dc.description.abstractControl flow hijacking attacks such as Return Oriented Programming (ROP) and data oriented attacks like Data Oriented Programming (DOP) are problems still plaguing modern software today. While there have been many attempts at hardening software and protecting against these attacks, the heavy performance cost of running these defenses and intrusive modifications required has proven to be a barrier to adoption. In this work, we present Monguard, a high-performance hardware assisted in-process monitor protection system utilizing Intel Memory Protection Keys (MPK) to enforce execute-only memory, combined with code randomization and runtime binary patching to effectively protect and hide in-process monitors. Next, we introduce L-MVX, a flexible lightweight Multi-Variant Execution (MVX) system running in the in-process monitor system that aims to solve some of the performance problems of recent MVX defenses through selective program call graph protection and in-process monitoring, maintaining security guarantees either by breaking attacker assumptions or creating a scenario where a particular attack only works on a single variant.en
dc.description.abstractgeneralMemory corruption attacks are still prevalent on modern software. While there have been many attempts at hardening software and preventing against these attacks, the heavy performance cost of running these defenses and intrusive modifications required have proven to be a barrier to adoption. In this work, we present L-MVX, a high-performance hardware assisted in-process monitor protection system that provides an unintrusive and efficient way to defend against these attacks on monitor systems. We also introduce L-MVX, a flexible lightweight process monitoring engine running on L-MVX that aims to solve some of the performance problems of recent monitor defenses.en
dc.description.degreeMaster of Scienceen
dc.format.mediumETDen
dc.identifier.othervt_gsexam:28919en
dc.identifier.urihttp://hdl.handle.net/10919/102158en
dc.publisherVirginia Techen
dc.rightsIn Copyrighten
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/en
dc.subjectMulti-Variant Executionen
dc.subjectIn-Process Monitoren
dc.subjectMemory Isolationen
dc.titleSecure and Efficient In-Process Monitor and Multi-Variant Executionen
dc.typeThesisen
thesis.degree.disciplineComputer Engineeringen
thesis.degree.grantorVirginia Polytechnic Institute and State Universityen
thesis.degree.levelmastersen
thesis.degree.nameMaster of Scienceen

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Yeoh_S_T_2021.pdf
Size:
969.23 KB
Format:
Adobe Portable Document Format

Collections